A research company discovered that an unauthorized piece of software has been detected on a small number
of machines in its lab. The researchers collaborate with other machines using port 445 and on the Internet
using port 443. The unauthorized software is starting to be seen on additional machines outside of the lab and
is making outbound communications using HTTPS and SMB. The security team has been instructed to resolve
the problem as quickly as possible while causing minimal disruption to the researchers. Which of the following
contains the BEST course of action in this scenario?
A. Update the host firewalls to block outbound SMB.
B. Place the machines with the unapproved software in containment.
C. Place the unauthorized application in a blocklist.
D. Implement a content filter to block the unauthorized software communication.
of machines in its lab. The researchers collaborate with other machines using port 445 and on the Internet
using port 443. The unauthorized software is starting to be seen on additional machines outside of the lab and
is making outbound communications using HTTPS and SMB. The security team has been instructed to resolve
the problem as quickly as possible while causing minimal disruption to the researchers. Which of the following
contains the BEST course of action in this scenario?
A. Update the host firewalls to block outbound SMB.
B. Place the machines with the unapproved software in containment.
C. Place the unauthorized application in a blocklist.
D. Implement a content filter to block the unauthorized software communication.