Which of the following configuration changes would be the MOST appropriate for Mergence gathering?

As part of an Intelligence feed, a security analyst receives a report from a third-party trusted source.

Within the report are several detrains and reputational information that suggest the company’s employees may be targeted for a phishing campaign.

Which of the following configuration changes would be the MOST appropriate for Mergence gathering?
A . Update the whitelist.
B . Develop a malware signature.
C . Sinkhole the domains
D . Update the Blacklist

View Answer

Answer: D

Explanation:

A blacklist is a list of domains, IP addresses, email addresses, or other identifiers that are known or suspected to be malicious or harmful. A blacklist can be used to block or filter unwanted or dangerous traffic from reaching a network or system2 Updating the blacklist can help prevent phishing campaigns by adding the domains or email addresses of the phishing sources to the list and preventing them from sending emails to the company’s employees.

Reference: 2 What Is a Blacklist? | Malwarebytes