A security administrator sees several hundred entries in a web server security log that are similar to the following: The network source varies, but the URL, status, and user agent are the same. Which of the following would BEST protect the web server without blocking legitimate traffic?

Questions › Category: CAS-004 › A security administrator sees several hundred entries in a web server security log that are similar to the following: The network source varies, but the URL, status, and user agent are the same. Which of the following would BEST protect the web server without blocking legitimate traffic?

0 Vote Up Vote Down

Admin Staff asked 6 months ago

A security administrator sees several hundred entries in a web server security log that are similar to the following:
 
The network source varies, but the URL, status, and user agent are the same. Which of the following would BEST protect the web server without blocking legitimate traffic?

A. Replace the file xmlrpc.php with a honeypot form to collect further IOCs.

B. Automate the addition of bot IP addresses into a deny list for the web host.

C. Script the daily collection of the WHOIS ranges to add to the WAF as a denied ACL.

D. Block every subnet that is identified as having a bot that is a source of the traffic.








 

Suggested Answer: B

Community Answer: B



This question is in CAS-004 CompTIA Advanced Security Practitioner (CASP+) Exam
For getting CompTIA Advanced Security Practitioner (CASP+) Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.

A security administrator sees several hundred entries in a web server security log that are similar to the following: The network source varies, but the URL, status, and user agent are the same. Which of the following would BEST protect the web server without blocking legitimate traffic?

A security analyst has been tasked with providing key information in the risk register. Which of the following outputs or results would be used to BEST provide the information needed to determine the security posture for a risk decision? (Choose two.)

A cloud engineer is tasked with improving the responsiveness and security of a company’s cloud-based web application. The company is concerned that international users will experience increased latency. Which of the following is the BEST technology to mitigate this concern?

AZ-104 Practice Test Free

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password

A security administrator sees several hundred entries in a web server security log that are similar to the following: The network source varies, but the URL, status, and user agent are the same. Which of the following would BEST protect the web server without blocking legitimate traffic?

A security analyst has been tasked with providing key information in the risk register. Which of the following outputs or results would be used to BEST provide the information needed to determine the security posture for a risk decision? (Choose two.)

A cloud engineer is tasked with improving the responsiveness and security of a company’s cloud-based web application. The company is concerned that international users will experience increased latency. Which of the following is the BEST technology to mitigate this concern?

AZ-104 Practice Test Free

Related Questions

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password