nerdexam
Exams400-007Questions#354
Cisco

400-007 · Question #354

400-007 Question #354: Real Exam Question with Answer & Explanation

The correct answer is B: Deploy an IPS behind the firewall in in-line mode. See the full explanation below for the reasoning.

Question

Company XYZ wants to implement an IPS device to detect and block well-known attacks against their network. They want a design solution where all packets that are forwarded to the network are checked against a signature database before being allowed through. This check must be done with the minimum effect on performance. Which design is recommended?

Options

  • ADeploy an IPS behind the firewall in promiscuous mode
  • BDeploy an IPS behind the firewall in in-line mode
  • CDeploy an IPS in front of the firewall in promiscuous mode
  • DDeploy and IPS in front of the firewall in in-line mode

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 400-007 Practice