SY0-301 · Question #15

SY0-301 Question #15: Real Exam Question with Answer & Explanation

The correct answer is B: SSL.

Question

Which of the following MOST interferes with network-based detection techniques?

Options

  • A. Mime-encoding
  • B. SSL
  • C. FTP
  • D. Anonymous email accounts

Explanation

SSL/TLS encrypts traffic between a client and server, meaning network-based intrusion detection systems (NIDS) and deep packet inspection tools cannot read the payload content of the traffic. Because the data is ciphertext, signature-based and anomaly-based network detection that relies on inspecting packet contents is effectively blind to threats hidden inside SSL-encrypted sessions. MIME encoding (A) encodes data but doesn't encrypt it; it can still be decoded and inspected. FTP (C) is a plaintext protocol, fully visible to network monitors. Anonymous email accounts (D) affect attribution, not the detectability of network traffic content.
