A security technician wishes to gather and analyze all Web traffic during a particular time period.
Which of the following represents the BEST approach to gathering the required data?

A.
Configure a VPN concentrator to log all traffic destined for ports 80 and 443.

B.
Configure a proxy server to log all traffic destined for ports 80 and 443.

C.
Configure a switch to log all traffic destined for ports 80 and 443.

D.
Configure a NIDS to log all traffic destined for ports 80 and 443.

Explanation:
A proxy server is in essence a device that acts on behalf of others and in security terms all internal user interaction with the Internet should be controlled through a
proxy server. This makes a proxy server the best tool to gather the required data.
Incorrect Answers:
A: The VPN concentrator creates an encrypted tunnel session between hosts, and many use two- factor authentication for additional security. A proxy server would
still be the best tool to gather the required information.
C: A switch can provide a monitoring port for troubleshooting and diagnostic purposes in addition to the virtual circuit that they can create between systems in a
network. This helps to reduce network trafffic, but a proxy server would be a better tool to gather the required data.
D: A network-based IDS (NIDS) approach to IDS attaches the system to a point in the network where it can monitor and report on all network traffic. However a
proxy server would be the best tool to gather the required data.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 105, 111