During a security incident on an IaaS platform, which of the following actions will a systems administrator most likely take as part of the containment procedure?
A.
Connect to an instance for triage.
B.
Add a deny rule to the network ACL.
C.
Mirror the traffic to perform a traffic capture.
Explanation:
During a security incident on an IaaS platform, containment is crucial to prevent the attack from spreading and to limit damage.
✔ Network ACLs (Access Control Lists) are used to control inbound and outbound traffic at the subnet level.
✔ By adding a deny rule, the administrator can block malicious traffic, effectively isolating the affected instance or network segment.
✔ This is a fast and effective containment measure that prevents further exploitation.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CV0-003 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
BigM
5 months, 2 weeks ago