CompTIA
CAS-001 · Question #163
CAS-001 Question #163: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-001 to reveal the answer and full explanation for question #163. The question stem and answer options stay visible for context.
Question
A financial company implements end-to-end encryption via SSL in the DMZ, and only IPSec in transport mode with AH enabled and ESP disabled throughout the internal network. The company has hired a security consultant to analyze the network infrastructure and provide a solution for intrusion prevention. Which of the following recommendations should the consultant provide to the security administrator?
Options
- ASwitch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.
- BSwitch IPSec to tunnel mode. Implement HIPS on the internal network, and NIPS on the DMZ.
- CDisable AH. Enable ESP on the internal network, and use NIPS on both networks.
- DEnable ESP on the internal network, and place NIPS on both networks.
Unlock CAS-001 to see the answer
You've previewed enough free CAS-001 questions. Unlock CAS-001 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.