A review of the company’s network traffic shows that most of the malware infections are caused by users
visiting gambling and gaming websites. The security manager wants to implement a solution that will block
these websites, scan all web traffic for signs of malware, and block the malware before it enters the company
network. Which of the following is suited for this purpose?
An all-in-one appliance, also known as Unified Threat Management (UTM) and Next Generation Firewall
(NGFW), is one that provides a good foundation for security. A variety is available; those that you should be
familiar with for the exam fall under the categories of providing URL filtering, content inspection, or malware
Malware inspection is the use of a malware scanner to detect unwanted software content in network traffic. If
malware is detected, it can be blocked or logged and/or trigger an alert.
A: Access control lists (ACLs) are used to define who is allowed or denied permission to perform a specified
activity or action.
B: An intrusion detection system (IDS) is an automated system that either watches activity in real time or
reviews the contents of audit logs in order to detect intrusions or security policy violations.
D: The basic purpose of a firewall is to isolate one network from another.
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014,
pp. 96, 119
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 19, 21, 24