Which of the following controls should critical application servers implement to protect themselves
from other potentially compromised application services?
A.
NIPS
B.
Content filter
C.
NIDS
D.
Host-based firewalls
Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions
This is ONE TIME OFFER
50%
Another badly drafted question. In here we anthropomorphize, and ascribe to a server a human action.
Anyways: We are talking about:
• Controls
• On Critical APPLICATION Servers
• To protect themselves
• From other potentially compromised APPLICATION SERVICES
So the requirement is:
• At HOST level, not NETWORK level
• More precisely at APPLICATION Level
INCORRECT ANSWERS:
It is therefore a matter of elimination:
A.NIPS – Network Intrusion Protection System. This works at NETWORK level, therefore does not meet the brief
Content filter – This will only server to filter content, and will offer no protection from other compromised application services
C.NIDS – Network Intrusion Detection System. This works at NETWORK level, therefore does not meet the brief
So the only possible answer is: D. Host-based firewalls
Explanation:
A host-based firewall is designed to protect the host from network based attack by using filters to limit the network traffic that is allowed to enter or leave the host. The action of a filter is to allow,
Deny, or log the network packet. Allow enables the packet to continue toward its destination. Deny blocks the packet from going any further and effectively discarding it. Log records information
About the packet into a log file. Filters can be based on protocol and ports. By blocking protocols and ports that are not required, other potentially compromised application services would be prevented from being exploited across the network.
0
0