A security analyst is responsible for vulnerability scanning at a large organization
ID: 3741809 • Letter: A
Question
A security analyst is responsible for vulnerability scanning at a large organization with a geographically diverse web infrastructure that is spread across four datacenters. The weekly scans are taking too long and are exceeding the nightly change window. With potential positive impact and limited budget as the primary factors, which of the following should be done NEXT?
A. Schedule segmented scans throughout the week
B. Acquire additional scanning boxes for each of the datacenters
C. Switch from non-credentialed scans to credentialed scans
D. Scan only PCI environments going forward
Explanation / Answer
A. Schedule segmented scans throughout the week
- This option might solve the issue by maintaining it daily, so that the weekly load for an authentication will be less and will not cross the window period. But it has been specified that "Potential Positive Impact" and "Budget" should be considered. Therefore, segmented scans throughout the week will be costlier, and a segmented scan sends data immediately to the Security Console, which is not appropriate for large production environments. Therefore, option 'A' is ruled out.
B. Acquire additional scanning boxes for each of the datacenters
- This option cannot be considered since acquiring new scanning boxes is costly and maintaining them will drive up the cost. With "Budget" as a primary concern, it is not relevant to choose this option. Therefore, option 'B' is also ruled out.
C. Switch from non-credentialed scans to credentialed scans
- This option can be considered since credentialed scans are capable of finding more vulnerabilities. It provides remotely detectable vulnerabilities as well as remotely exploitable vulnerabilities. But the time taken for a credentialed scan is much longer than for a non-credentialed scan.
D. Scan only PCI environments going forward
- The PCI (Payment Card Industry) Standard can be considered since it not only protects cardholder data but also maintains a vulnerability program to protect a system against malware. With this standard, network segmentation can be implemented in which scanning is narrowed down to specific servers; therefore the cost of compliance and maintenance will be less.