4.2.1.1 Botnet
Botnet
It is a group of bots, connected through the Internet, that can be controlled by a malicious individual or group.
Bots
They can be activated to distribute malware, launch DDoS attacks, distribute spam email, or execute brute-force password attacks.
True
True or false? - A BOT COMPUTER is typically infected by visiting a website, opening an email attachment, or opening an infected media file.
True
True or false? - A botnet can have TENS OF THOUSANDS, or even HUNDREDS OF THOUSANDS of bots.
False - Botnets are typically controlled through a COMMAND AND CONTROL server.
True or false? - Botnets are typically controlled through a PRIVATE server.
Step 3
[Identify the step order of the ASA Botnet Traffic Filter step being described] - Alerts go out to the security teams for prevention, mitigation, and remediation.
Step 2
[Identify the step order of the ASA Botnet Traffic Filter step being described] - Cisco SIO updates the Cisco ASA Botnet filter list; the destination is a known attack site.
Step 1
[Identify the step order of the ASA Botnet Traffic Filter step being described] - Infected clients try to communicate with a command and control host on the Internet.