SY0-501 · Question #134
SY0-501 Question #134: Real Exam Question with Answer & Explanation
The correct answer is A: ACLs. To address malicious traffic on an unauthorized port from an internal network, implementing network-based security controls like ACLs is the appropriate action.
Question
Malicious traffic from an internal network has been detected on an unauthorized port on an application server. Which of the following network-based security controls should the engineer consider implementing?
Options
- AACLs
- BHIPS
- CNAT
- DMAC filtering
Explanation
To address malicious traffic on an unauthorized port from an internal network, implementing network-based security controls like ACLs is the appropriate action.
Common mistakes.
- B. HIPS (Host-based Intrusion Prevention System) operates on individual endpoints, providing host-level protection rather than network-based control to block traffic at specific ports across the network.
- C. NAT (Network Address Translation) is used to modify network address information in packet headers, primarily for IP address conservation or network segregation, and does not directly control access to unauthorized ports for security.
- D. MAC filtering controls network access based on hardware addresses (MAC addresses), which is easily circumvented by MAC spoofing and does not specifically address unauthorized port usage by potentially legitimate devices.
Concept tested. Network traffic filtering using Access Control Lists
Reference. https://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-confaccess.html
Community Discussion
No community discussion yet for this question.