nerdexam
CompTIA

SY0-301 · Question #791

A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security

The correct answer is B. IDS. The two key constraints are: (1) do not change the devices' baseline configuration, and (2) do not risk availability. An IDS (Intrusion Detection System) passively monitors network traffic and generates alerts when suspicious activity is detected - it does not interfere with or b

Security architecture

Question

A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration. Which of the following should be implemented to secure the devices without risking availability?

Options

  • AHost-based firewall
  • BIDS
  • CIPS
  • DHoneypot

How the community answered

(51 responses)
  • A
    6% (3)
  • B
    84% (43)
  • C
    8% (4)
  • D
    2% (1)

Explanation

The two key constraints are: (1) do not change the devices' baseline configuration, and (2) do not risk availability. An IDS (Intrusion Detection System) passively monitors network traffic and generates alerts when suspicious activity is detected - it does not interfere with or block traffic, so it will not affect device availability or require any changes to the devices themselves. An IPS (C) actively blocks suspicious traffic, which could interrupt legitimate remote configuration sessions and risk availability of mission-critical devices. A host-based firewall (A) would need to be installed on the devices, changing their baseline. A honeypot (D) is a decoy system, not a monitoring solution for production devices.

Topics

#IDS#passive monitoring#network security#availability

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice