A large enterprise with thousands of users is experiencing a relatively high frequency of malicious activity from insider threats. Much of the activity appears to involve internal reconnaissance that results in targeted attacks against privileged users and network file shares.

Given this scenario, which of the following would MOST likely prevent or deter these attacks?

A. Conduct role-based training for privileged users that highlights common threats against them and covers best practices to thwart attacks
B. Increase the frequency at which host operating systems are scanned for vulnerabilities, and decrease the amount of time permitted between vulnerability identification and the application of corresponding patches
C. Enforce command shell restrictions via group policies for all workstations by default to limit which native operating system tools are available for use
D. Modify the existing rules of behavior to include an explicit statement prohibiting users from enumerating user and file directories using available tools and/or accessing visible resources that do not directly pertain to their job functions
E. For all workstations, implement full-disk encryption and configure UEFI instances to require complex passwords for authentication
F. Implement application blacklisting enforced by the operating systems of all machines in the enterprise

1 Answer

2 votes

Final answer:

Conducting role-based training for privileged users is the most effective solution to prevent or deter attacks by insider threats in a large enterprise.

Step-by-step explanation:

The most effective solution to prevent or deter attacks by insider threats in a large enterprise experiencing high levels of malicious activity would be to conduct role-based training for privileged users. This training should highlight common threats against them and cover best practices to thwart attacks.

By educating privileged users about the specific risks they face and teaching them how to identify and mitigate these risks, the enterprise can greatly reduce the success rate of targeted attacks against them and network file shares.

Other measures mentioned, such as increasing the frequency of vulnerability scanning and patching, enforcing command shell restrictions, modifying rules of behavior, implementing full-disk encryption, and application blacklisting, can also have a positive impact on security. However, role-based training directly addresses the issues related to insider threats and is the most likely to prevent or deter such attacks.

by User Asontu (7.5k points)