Which of the following actions would be BEST to prevent reinfection from the initial infection vector?

An organization has activated an incident response plan due to a malware outbreak on its network. The organization has brought in a forensics team that has identified an internet-facing Windows server as the likely point of initial compromise. The malware family that was detected is known to be distributed by manually logging on to servers and running the malicious code.

Which of the following actions would be BEST to prevent reinfection from the initial infection vector?
A . Prevent connections over TFTP from the internal network
B. Create a firewall rule that blocks port 22 from the internet to the server
C. Disable file shanng over port 445 to the server
D. Block port 3389 inbound from untrusted networks

Answer: A

Latest SY0-601 Dumps Valid Version with 396 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments