A building camera is remotely accessed and disabled from the remote console application during off-hours. A security analyst reviews the following logs:
Which of the following actions should the analyst take to best mitigate the threat?
The logs indicate unauthorized access from104.18.16.29, an external IP, to the building camera’s administrative console during off-hours.Restricting access only to approved IPsensures that only authorized personnel can remotely control the cameras, reducing the risk of unauthorized access and manipulation.
Implementing WAF protection (A)secures against web application attacks but does not restrict unauthorized administrative access.
Upgrading the firmware (B)is good security hygiene but does not immediately mitigate the active threat.
Blocking IP 104.18.16.29 (D)is a temporary measure, as an attacker can switch to another IP. A better long-term solution is whitelisting trusted IPs.
[Reference:CompTIA SecurityX (CAS-005) Exam Objectives- Domain 4.0 (Security Operations), Section onAccess Control and Network Security, , , ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit