Explanation:
An in-band IPS is the best choice because it operates directly within the network traffic path, allowing it to inspect and block malicious activity in real time. This proactive approach can effectively prevent attacks by identifying and blocking malicious traffic before it reaches the targeted servers in the DMZ, thereby enhancing the security posture of the organization's network.
Explanation:
Time Synchronization is the most likely use case because the Network Time Protocol (NTP) is primarily used to synchronize the clocks of computers and network devices within a network. By enabling NTP on servers within the DMZ (Demilitarized Zone), Lisa ensures that the servers' system clocks are synchronized accurately with a reference time source. This is crucial for maintaining consistency in timestamps for logging, authentication, and other time-sensitive operations across the network.
Explanation:
Baseline is the best description because before deploying a heuristic-based detection system to monitor network activity, you would create a baseline to establish a reference point for normal network behavior. This baseline helps the system identify deviations or anomalies that may indicate suspicious or malicious activity. By establishing a baseline, you can enhance the accuracy and effectiveness of the heuristic-based detection system in identifying potential threats.
Explanation:
URL Filter is the most likely configuration because it allows you to block access to specific websites or categories of websites based on their URLs. By configuring a URL filter on the Unified Threat Management (UTM) security appliance to restrict traffic going to social media sites, you can effectively control and enforce internet usage policies within your organization, enhancing security and productivity.
Explanation:
Non-Persistence is the best description because the desktop environment reverts to its original state at logoff, without saving any changes the user made. This behavior is characteristic of non-persistent VDI configurations, where changes made by users during their sessions are discarded, ensuring a clean and consistent desktop environment for each user session.
Explanation:
Firewall is the best description because iptables is a software-based firewall solution commonly used on Linux systems to inspect and handle network-based traffic. By configuring iptables rules, you can control the flow of traffic to and from the Linux computer, allowing it to act as a firewall to protect the network from unauthorized access and malicious activity.
Explanation:
Encrypt it before sending is the best solution because encryption scrambles the content of the email so that only the sender and the intended recipient can decipher it using encryption keys. This helps safeguard the confidentiality of the Personally Identifiable Information (PII) during transmission.
Explanation:
Firewall is the correct answer because the provided entries represent firewall rules that allow or deny specific types of traffic based on source, destination, and port numbers. In this case, the entries permit traffic on ports 80 (HTTP) and 443 (HTTPS) while denying all other traffic. This configuration is commonly found in firewall devices, which enforce security policies by filtering and controlling network traffic based on defined rules.
Explanation:
Supporting non-repudiation is the primary use case for mandating the use of digital signatures. Digital signatures provide a way to verify the authenticity and integrity of electronic documents or messages, thereby ensuring that the sender cannot later deny having sent the message or document. This helps establish accountability and trust in electronic transactions within the organization.
Explanation:
Obfuscation is the best description because Louie's action involves hiding plaintext documents within an image file, which obscures the true nature of the data. Obfuscation aims to make data or code more difficult to understand or interpret, often for the purpose of concealing information or thwarting analysis by unauthorized parties.
Explanation:
Container Virtualization is the best description because it allows a computer's operating system kernel to run multiple isolated instances of a guest virtual machine, with each guest sharing the kernel. In container virtualization, applications and their dependencies are packaged together as containers, which share the host operating system's kernel while remaining isolated from each other. This approach offers lightweight and efficient virtualization compared to traditional hypervisor-based virtualization.