As a security administrator, you've implemented a new company policy to review firewall logs daily. During this review, you notice numerous login attempts from foreign IP addresses outside of business hours. Based on this information, which of the following actions should be prioritized to enhance network security?
Update the firmware on the firewall to the latest version
Review the latest operating system patches for all company servers
Configure account lockout thresholds to prevent brute-force attacks
Conduct an additional security awareness training session focusing on foreign cyber threats
While all the options might be relevant in different scenarios, the priority action would be to configure account lockout thresholds to prevent brute-force attacks since the observed behavior suggests an attempt to gain unauthorized access by trying multiple combinations of usernames and passwords. Updating firewall firmware and reviewing OS patch levels are routine maintenance tasks that do not directly address the issue of unauthorized access attempts. While conducting user security awareness training is important, it doesn't directly mitigate the observed login attempts from foreign IP addresses.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are account lockout thresholds?
Open an interactive chat with Bash
What constitutes a brute-force attack?
Open an interactive chat with Bash
How do I know if a foreign IP address is a threat?