PrepAway - Latest Free Exam Questions & Answers

Which of the following would BEST meet the CISO’s requirements?

The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be
segregated from the main corporate network to prevent unauthorized access and that access to the IT
systems should be logged. Which of the following would BEST meet the CISO’s requirements?

A. Sniffers

B. NIDS

C. Firewalls

D. Web proxies

E. Layer 2 switches

Explanation:
The basic purpose of a firewall is to isolate one network from another.
Incorrect Answers:
A: The terms protocol analyzer and packet sniffer are interchangeable. They refer to the tools used in the
process of monitoring the data that is transmitted across a network.
B: A network-based IDS (NIDS) watches network traffic in real time. It’s reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.
D: Web proxies are used to forward HTTP requests.
E: Layer 2 switching uses the media access control address (MAC address) from the host’s network
interface cards (NICs) to decide where to forward frames. Layer 2 switching is hardware based, which
means switches use application-specific integrated circuits (ASICs) to build and maintain filter tables (also
known as MAC address tables or CAM tables).

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, p. 342
http://en.wikipedia.org/wiki/Intrusion_prevention_system
http://en.wikipedia.org/wiki/LAN_switching
http://en.wikipedia.org/wiki/Proxy_server#Web_proxy_servers

