A System Administrator wants to configure an XGS so that when the SSH_Brute_Force security event is triggered against machine Server1, any further traffic from the source IP address contained in the security event alert is dropped for a timed period.How should the System Administrator configure the XGS to perform this?
A. Edit the properties of the SSH_Brute_Force security event and create a quarantine response to block the source IP.
B. Create a Network Access policy object to drop all traffic from the source IP contained in the security event alert to Server1.
C. Create a Network Access policy object with a quarantine rule to block the source IP when the security event is triggered against Server1.
D. Create an IPS Filter policy object for the SSH_Brute_Force security event with a Victim address of Server1 and a quarantine response to block the source IP
A System Administrator wants to configure an XGS so that when the SSH_Brute_Force security event is triggered against ma
-
answerhappygod
- Site Admin
- Posts: 899604
- Joined: Mon Aug 02, 2021 8:13 am
A System Administrator wants to configure an XGS so that when the SSH_Brute_Force security event is triggered against ma
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!