When dealing with security threats and using the Cyber Kill Chain model, which two approaches can an organization use to block a potential back door creation? (Choose two.)
- Audit endpoints to discover abnormal file creations.
- Establish an incident response playbook.
- Consolidate the number of Internet points of presence.
- Conduct damage assessment.
- Use HIPS to alert or place a block on common installation paths.
Explanation: In the installation phase of the Cyber Kill Chain, the threat actor establishes a back door into the system to allow for continued access to the target. Among other measures, using HIPS to alert or block on common installation paths and auditing endpoints to discover abnormal file creations can help block a potential back door creation.
Exam with this question: Checkpoint Exam: Analyzing Security Data Group Exam
Exam with this question: CCNA Cyber Ops Practice Final Exam Answers
Please login or Register to submit your answer