Which of the following is the MOST effective way to prevent any newly infected systems from actually encrypting the data on connected network drives while causing the least disruption to normal Internet traffic?

CS0-002

Last Post by Galen 2 years ago

1 Posts

1 Users

0 Likes

126 Views

RSS

Galen

(@mccroygalen)

Noble Member

Joined: 2 years ago

Posts: 739

Topic starter 18/06/2022 10:39 pm

Ransomware is identified on a company's network that affects both Windows and MAC hosts. The command and control channel for encryption for this variant uses TCP ports from 11000 to 65000. The channel goes to good1. Iholdbadkeys.com, which resolves to IP address 72.172.16.2.

Which of the following is the MOST effective way to prevent any newly infected systems from actually encrypting the data on connected network drives while causing the least disruption to normal Internet traffic?

A . Block all outbound traffic to web host good1 iholdbadkeys.com at the border gateway.
B . Block all outbound TCP connections to IP host address 172.172.16.2 at the border gateway.
C . Block all outbound traffic on TCP ports 11000 to 65000 at the border gateway.
D . Block all outbound traffic on TCP ports 11000 to 65000 to IP host address 172.172.16.2 at the border gateway.

Show Answer Hide Answer

Suggested Answer: A

Quote

Topic Tags

CompTIA CySA+

Latest CompTIA CS0-002 Dumps Valid Version

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PDF

Forum Jump:

Previous Topic

Next Topic