2.1 Enterprise Environment Security

Question 1

Which of the following should you implement to effectively collect these malicious payloads that the attackers are sending towards your systems without impacting your organization’s normal business operations?

Answer 1

A honeypot is a host set up to lure attackers away from the actual network components and/or discover attack strategies and weaknesses in the security configuration

Question 2

Jumpbox

Answer 2

A jumpbox is a hardened server that provides access to other hosts

Question 3

Sandbox

Answer 3

computing environment isolated from a host system to guarantee that the environment runs in a controlled, secure fashion

Question 4

Containerization

Answer 4

type of virtualization applied by a host operating system to provide an isolated execution environment for an application

Question 5

DNS blackholing

Answer 5

process that uses a list of known domains/IP addresses belonging to malicious hosts and uses an internal DNS server to create a fake reply

Question 6

Route Poisoning

Answer 6

prevents networks from sending data somewhere when the destination is invalid

Question 7

What filter don’t routers usually have?

Answer 7

Routers do not usually have an anti-malware filter, and this would be reserved for a unified threat management system