An administrator would like to review the effectiveness of existing security in the enterprise. Which
of the following would be the BEST place to start?
A.
Review past security incidents and their resolution
B.
Rewrite the existing security policy
C.
Implement an intrusion prevention system
D.
Install honey pot systems
Explanation:
The main functions of intrusion prevention systems are to identify malicious activity, log
information about this activity, attempt to block/stop it, and report it
Review by implementing IPS? I dont’t get this at all…
0
0
With how the answer is worded it doesn’t make sense. But IPS would be the best choice if “Implement” was discarded.
0
0
Can anyone confirm this is a real question and a correct answer? If so, I will sit for the exam tomorrow because any studying I do will not help in answering questions like this one. Terrible!
The correct answer should be to review past security incidents and their resolution. This will give you insight into what types of incidents have occurred, how incident response is handled, how long it takes to handle an incident, what resources are used and who handles them. Talk to the person(s) who handle the most incidents and go from there. Real world.
0
0
To “review” I suspect “Install honey pot systems” would be the way to go – and try to compromise it. In any case, the answer given is WRONG
0
0
I know where you live
0
0