A System Administrator wants to configure an XGS so that when the SSH_Brute_Force security event is triggered against ma
Posted: Fri Aug 26, 2022 9:58 am
A System Administrator wants to configure an XGS so that when the SSH_Brute_Force security event is triggered against machine Server1, any further traffic from the source IP address contained in the security event alert is dropped for a timed period.How should the System Administrator configure the XGS to perform this?
A. Edit the properties of the SSH_Brute_Force security event and create a quarantine response to block the source IP.
B. Create a Network Access policy object to drop all traffic from the source IP contained in the security event alert to Server1.
C. Create a Network Access policy object with a quarantine rule to block the source IP when the security event is triggered against Server1.
D. Create an IPS Filter policy object for the SSH_Brute_Force security event with a Victim address of Server1 and a quarantine response to block the source IP
A. Edit the properties of the SSH_Brute_Force security event and create a quarantine response to block the source IP.
B. Create a Network Access policy object to drop all traffic from the source IP contained in the security event alert to Server1.
C. Create a Network Access policy object with a quarantine rule to block the source IP when the security event is triggered against Server1.
D. Create an IPS Filter policy object for the SSH_Brute_Force security event with a Victim address of Server1 and a quarantine response to block the source IP