Cyber Security - Palo Alto Security Policies(2)

Task 3

The SOC(Security Operation Center) monitoring team dashboard reported more 1,000 requests to one of our eCommerce Server HTTPS portals in a matter of minutes. The source address identified by our SOC came from Africa and we only serve customers in the United States, China, and Europe.

Please block access to our DMZ from all the internet but allow the USA, China, and Europe.

Configure the firewall policy. Please mind that the order of this policy may affect the effect.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 Task 4

Last week after a policy change by another engineer, users from the marketing department were able to access the HR Fileserver shares.

Can you identify the root cause and remediate this issue asap?

Configure firewall policies.

 

 

Policy one: HR-Allow-HR-Servers

 

 

 

 

 

 

 

 

 

 

 

 

 

 Policy Two: Deny-Access-to-HR_Servers