ISC2 Exam ISSAP Topic 1 Question 23 Discussion

Actual exam question for ISC2's Information Systems Security Architecture Professional exam
Question #: 23
Topic #: 1

You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

Suggested Answer: A

A network-based intrusion detection system (NIDS) analyzes data packets flowing through a network. It can detect malicious packets that are designed to be overlooked by a firewall's simplistic filtering rules. It is responsible for detecting anomalous or inappropriate data that may be considered 'unauthorized' on a network. An NIDS captures and inspects all data traffic, regardless of whether it is permitted for checking or not.

Answer option B is incorrect. A host-based IDS simply monitors attempted attacks on an individual host.

Answer option D is incorrect. Verbose logging on the firewall will only give you clues regarding attacks on the firewall.

Answer option C is incorrect. A DMZ firewall, while a good suggestion and usually more secure, would not give you any monitoring of the traffic on the LAN.

