You are monitoring the network of your organizations. You notice that:
There are huge outbound connections from your Internal Network to External IPs
On further investigation, you see that the external IPs are blacklisted
Some
connections are accepted, and some are dropped
You find that it is a CnC communication
Which of the following solution will you suggest?
A. Block the Blacklist IP-s @ Firewall
B. Update the Latest Signatures on your IDS/IPS
C. Clean the Malware which ar
e trying to Communicate with the External Blacklist IP-s
D. Both B and C