SY0-301 Question #525: Real Exam Question with Answer & Explanation

The correct answer is B: Configure a proxy server to log all traffic destined for ports 80 and 443.. A forward proxy server is purpose-built to sit between internal clients and the internet, forwarding and logging all HTTP (port 80) and HTTPS (port 443) requests. Because all web traffic is routed through it, the proxy provides complete visibility and detailed per-request logs in

Question

A security technician wishes to gather and analyze all Web traffic during a particular time period. Which of the following represents the BEST approach to gathering the required data?

Options

AConfigure a VPN concentrator to log all traffic destined for ports 80 and 443.
BConfigure a proxy server to log all traffic destined for ports 80 and 443.
CConfigure a switch to log all traffic destined for ports 80 and 443.
DConfigure a NIDS to log all traffic destined for ports 80 and 443.

Explanation

A forward proxy server is purpose-built to sit between internal clients and the internet, forwarding and logging all HTTP (port 80) and HTTPS (port 443) requests. Because all web traffic is routed through it, the proxy provides complete visibility and detailed per-request logs including URLs, users, timestamps, and response codes - ideal for later analysis. A VPN concentrator handles encrypted tunnel traffic, not general web browsing. A switch operates at Layer 2 and logging all traffic would generate enormous, difficult-to-parse data. A NIDS is designed for real-time intrusion detection, not structured web-traffic logging and analysis. The proxy is the most targeted and practical solution.

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice