Exam 350-201 topic 1 question 15 discussion

Wireshark can't detect or protect, Its: AE

Wireshark CAN detect but the problem is it happened a week ago, its a live PCAPture, so it wouldnt do no good a week later, the IPS is a fix for future security, and firewall logs can show the evens in the past, so i would go with A and E,

Come on now Wireshark? Ofcourse NOT it's IPS & FW

Its A & E, Wireshark is not related.

took the test today but failed. This is test question.

A. Firewall: A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. By using a firewall, an organization can block traffic associated with the Microsoft SQL Server Resolution Protocol and DDoS attacks. E. IPS: Intrusion Prevention System (IPS) is a security tool that monitors network traffic for signs of malicious activity and can block or prevent that traffic from entering the network. An IPS can detect and prevent DDoS attacks by identifying suspicious traffic patterns and blocking them. While Wireshark (Option B) and Autopsy (Option C) are both useful network analysis tools, they are not specifically designed for detecting and mitigating DDoS attacks. SHA512 (Option D) is a cryptographic hash function that can be used to verify the integrity of data, but it is not a tool for detecting or mitigating DDoS attacks.

Wirehsark can also detect but it takes time to understand the packet streams. https://contenthub.netacad.com/courses/cyberops/_common/17.2.6-lab---attacking-a-mysql-database.pdf The question is that it needs to be quik, so answer is definitaly A &E

AE is correct.

AB is correct, the server was compromised, https://myakamai.force.com/customers/s/article/Attackers-Using-New-MS-SQL-Reflection-Techniques?language=en_US it was used to launch the attack

Firewalls and intrusion detection systems that act as traffic-scanning barriers between networks.

agree A,E