Performing CyberOps Using Cisco Security Technologies (CBRCOR) — Question 57

An engineer is analyzing a possible compromise that happened a week ago when the company database servers unexpectedly went down. The analysis reveals that attackers tampered with Microsoft SQL Server Resolution Protocol and launched a DDoS attack. The engineer must act quickly to ensure that all systems are protected. Which two tools should be used to detect and mitigate this type of future attack? (Choose two.)

Answer options

• A. firewall
• B. Wireshark
• C. autopsy
• D. SHA512
• E. IPS

Correct answer: A, E

Explanation

A firewall is essential for blocking unauthorized access and mitigating attacks, while an Intrusion Prevention System (IPS) actively monitors and takes action against threats. Wireshark is useful for analyzing packets but does not prevent attacks, and tools like autopsy and SHA512 are not suited for detecting or mitigating DDoS attacks.