nerdexam
(ISC)2

CISSP-ISSAP · Question #229

You work as a Network Administrator for NetTech Inc. The company's network is connected to the Internet. For security, you want to restrict unauthorized access to the network with minimum administrati

The correct answer is D. Implement firewall on the network.. Implementing a firewall (D) is the correct choice because firewalls are purpose-built hardware (or software) security devices designed specifically to filter unauthorized traffic at the network boundary, requiring minimal ongoing administration once configured. A brouter (A) is a

Infrastructure Security

Question

You work as a Network Administrator for NetTech Inc. The company's network is connected to the Internet. For security, you want to restrict unauthorized access to the network with minimum administrative effort. You want to implement a hardware-based solution. What will you do to accomplish this?

Options

  • AConnect a brouter to the network.
  • BImplement a proxy server on the network.
  • CConnect a router to the network.
  • DImplement firewall on the network.

How the community answered

(21 responses)
  • A
    5% (1)
  • B
    5% (1)
  • C
    10% (2)
  • D
    81% (17)

Explanation

Implementing a firewall (D) is the correct choice because firewalls are purpose-built hardware (or software) security devices designed specifically to filter unauthorized traffic at the network boundary, requiring minimal ongoing administration once configured. A brouter (A) is a hybrid bridge/router device focused on traffic routing between network segments, not security enforcement. A proxy server (B) can provide some access control but is a software-based solution running on a server, not a dedicated hardware security appliance - and it requires more ongoing administrative overhead. A standard router (C) can filter traffic via ACLs, but its primary purpose is routing packets between networks, not security; it lacks the robust inspection and policy enforcement of a firewall. Memory tip: Think "Firewall = Fortress" - it's the dedicated hardware guardian at your network's gate, built for one job: keeping intruders out with minimal fuss.

Topics

#Network Firewall#Perimeter Security#Network Access Control#Internet Defense

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSAP Practice