Exam SY0-601 topic 1 question 451 discussion

B. Use the latest version of software: The company should upgrade to the latest version of the third-party software that is used to manage the website. Older versions of software often have known vulnerabilities that can be exploited by attackers. Upgrading to the latest version can help ensure that the company is using software that has the latest security patches and fixes. E. Implement a screened subnet for the web server: The company should implement a screened subnet, also known as a DMZ (demilitarized zone), to separate the web-facing server from the internal network. This will provide an additional layer of security by limiting the potential attack surface and reducing the risk of lateral movement by attackers. F. Install an endpoint security solution: An endpoint security solution should be installed on all workstations to protect against malware and ransomware. This can include anti-virus software, host-based firewalls, and other endpoint security controls.

The following are the three actions that should be taken to prevent a ransomware attack from happening again: B. Use the latest version of software: Using the latest version of software will help to patch any vulnerabilities that may exist in older versions of the software. E. Implement a screened subnet for the web server: A screened subnet, or demilitarized zone (DMZ), can be used to isolate the web-facing server from the internal network and to restrict inbound and outbound traffic. F. Install an endpoint security solution: An endpoint security solution can help to protect workstations from malware and ransomware attacks.

Agreed with B, E and F

Why not DLP? Asking so I can make the mental note to choose it over the DMZ. Is it because of the conversation being about a web server in the question?

B. Use the latest version of software E. Implement a screened subnet for the web server F. Install an endpoint security solution

To prevent an attack like this from happening again, the company should: B. Use the latest version of software to ensure that all known vulnerabilities are patched. E. Implement a screened subnet for the web server to add an additional layer of security between the web-facing server and the internet. F. Install an endpoint security solution to protect against malware and other threats. These measures can help improve the security of the company’s network and reduce the risk of future ransomware attacks. Is there anything else you would like to know?

-BEF is correct B. Use the latest version of software: Using outdated third-party software can make the company vulnerable to ransomware attacks, as attackers can exploit vulnerabilities in the software. Updating to the latest version of the software can help to address known vulnerabilities and improve security. E. Implement a screened subnet for the web server: Placing the web-facing server in a screened subnet (also known as a DMZ) can help to isolate it from the rest of the network and prevent attackers from moving laterally within the network in case of a breach. A screened subnet typically includes a firewall that restricts access to and from the server, as well as additional security measures such as intrusion detection and prevention systems (IDS/IPS) and web application firewalls (WAFs). F. Install an endpoint security solution: Endpoint security solutions can help to protect the workstations from malware infections and detect and block malicious activities. This can include solutions such as antivirus, anti-malware, and host-based intrusion detection and prevention systems (HIDS/HIPS).