Question: When looking at aggregated logs , you are seeing a large percentage of Windows hosts connecting to an Internet Protocol ( IP ) address outside

When looking at aggregated logs, you are seeing a large percentage of Windows hosts connecting to an Internet Protocol (IP) address outside the network in a foreign country. Why might this be worth investigating more closely?
1 point
It can indicate a malware infection
It can indicate log normalization
It can indicate what software is on the binary whitelist
It can indicate ACLs are not configured correctly

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

What is a class of vulnerabilities that are unknown before they are exploited? Attack Surfaces Attack Vectors ACLS Zero - day Which of these host - based firewall rules help to permit network access...

Q:

When looking at aggregated logs , you are seeing a large percentage of Windows hosts connecting to an Internet Protocol ( IP ) address outside the network in a foreign country. Why might this be...

Q:

There are two problems due this week (each worth 35 points) as follows. Case 5-1David L. Miller: Portrait of a White-Collar Criminal (page 144). In comprehensive paragraphs, answerrequirements 1?6....

Q:

Study Guide Kindly indicate True or False where possible and provide the answers to where true or false is not applicable A Media Access Control (MAC) address is the 48-bit physical hardware address...

Q:

Study Guide Kindly indicate True or False where possible and provide the answers to where true or false is not applicable A Media Access Control (MAC) address is the 48-bit physical hardware address...

Q:

customers, suppliers, and communities in as serious takes place in the firm's business model thow to a way as they track its financial performance. make money). - The triple-bottom-line framework is...

Q:

Chapter 8 Routing 1. On a TCP/IP network, a router determines where an incoming packet should go by looking at the packets __________. A. destination MAC addresses B. destination IP addresses C....

Q:

Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...

Q:

25. Question 25 Public key encryption incorporating digital signatures ensures which of the following? 1 point Confidentiality and Integrity Confidentiality, Integrity and Availability...

Q:

I need a 10 page paper for my MIS class. Please do not copy and paste as my school is getting stricter on plagiarism. I have attached the assignment and the sample \fData Analytic Thinking 1 Data...

Q:

The ACME Corporation is looking to give its shareholders a type of dividend without disrupting the cash flow options of the business? Discuss the different types of dividends that a corporation could...

Q:

2. Is the following hormone, Prostaglandin E (PGE), water soluble? Explain in terms of intermolecular forces. HO HO OH

Q:

Match the participant with their responsibilities and where they fall in the process: _ _ _ _ : Borrower _ _ _ _ : Mortgage Banker ( Maybe ) _ _ _ _ : Loan Originators / Loan Sellers _ _ _ _ :...

Q:

On April 2 2 , 2 0 2 3 , Blossom Enterprises purchased equipment for $ 1 2 9 , 6 0 0 . The company expects to use the equipment for 1 0 , 5 0 0 working hours during its four - year life and that it...

Q:

LO2 Identify distinct labor markets and describe their unique characteristics.

Q:

LO1 Explain strategic recruiting decisions regarding employment branding, outsourcing, and other related issues.

Q:

2. What is your opinion of the Net Promoter System? What do you think are the advantages associated with this survey system? What are the potential disadvantages?