nerdexam
ExamsPT0-003Questions#158
CompTIACompTIA

PT0-003 · Question #158

PT0-003 Question #158: Real Exam Question with Answer & Explanation

The correct answer is A: Utilizing port mirroring on a firewall appliance. Using port mirroring on a firewall appliance is the safest and most non-intrusive way to validate if the application encrypts data in transit. Why Port Mirroring? Port mirroring (SPAN) enables traffic from the ICS system to be copied and sent to a monitoring device without affect

Submitted by alyssa_d· Mar 6, 2026Vulnerability Discovery and Analysis

Question

A client warns the assessment team that an ICS application is maintained by the manufacturer. Any tampering of the host could void the enterprise support terms of use. Which of the following techniques would be most effective to validate whether the application encrypts communications in transit?

Options

  • AUtilizing port mirroring on a firewall appliance
  • BInstalling packet capture software on the server
  • CReconfiguring the application to use a proxy
  • DRequesting that certificate pinning be disabled

Explanation

Using port mirroring on a firewall appliance is the safest and most non-intrusive way to validate if the application encrypts data in transit. Why Port Mirroring? Port mirroring (SPAN) enables traffic from the ICS system to be copied and sent to a monitoring device without affecting the host system. This avoids any tampering with the application or host, preserving enterprise support terms.

Topics

#ICS security#traffic analysis#port mirroring#network sniffing

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PT0-003 PracticeBrowse All PT0-003 Questions