Question

A cyber security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?

A. A reverse proxy

B. A decryption certificate

C. A split-tunnel VPN

D. Load-balanced servers

A cyber security consultant was asked to revise the security baselines that are utilized by a large organization. Although the company provides different platforms for its staff, including desktops, laptops, and mobile devices, the applications do not vary by platform. Which of the following should the consultant recommend? (Select Two).

A. Apply patch management on a daily basis.

B. Allow full functionality for all applications that are accessed remotely

C. Apply default configurations of all operating systems

D. Apply application whitelisting.

E. Disable default accounts and/or passwords

Solutions

Expert Solution

A cyber security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?

Answer: A. A reverse proxy

A WAF is considered a reverse proxy, so a reverse proxy will be needed to meet the objective.
A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server.

A cyber security consultant was asked to revise the security baselines that are utilized by a large organization. Although the company provides different platforms for its staff, including desktops, laptops, and mobile devices, the applications do not vary by platform. Which of the following should the consultant recommend? (Select Two).

Answer:
D. Apply application whitelisting
E. Disable default accounts and/or passwords

Applying application whitelisting would whitelist all the important apps, and they won't be affected during the process.
Disabling default user accounts and passwords will temporarily block the access to the users and can be reinitiated when the work is done.

