During a recent breach, an attacker was able to use tcpdump on a compromised Linux server to capture the password of a network administrator that logged into a switch using telnet.
Which of the following compensating controls could be implemented to address this going forward?
A. Whitelist tcpdump of Linux servers.
B. Change the network administrator password to a more complex one.
C. Implement separation of duties.
D. Require SSH on network devices.
CS0-002: CompTIA CySA+ ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
 |
D
SSH provides encryption in transit thus making it near impossible for attackers to sniff your password over the wire.