You are a network administrator for your company. The network contains a perimeter network.

The perimeter network contains four Windows Server 2003, Web Edition computers that are configured as a Network Load Balancing cluster. The cluster hosts an e-commerce Web site that must be available 24 hours per day. The cluster is located in a physically secure data center and uses an Internet-addressable virtual IP address.

All servers in the cluster are configured with the Hisecws.inf template. You need to implement protective measures against the cluster’s most significant security vulnerability.

What should you do?

A.
Use packet filtering on all inbound traffic to the cluster.

B.
Use Security Configuration and Analysis regularly to compare the security settings on all servers in the cluster with the baseline settings

C.
Use intrusion detection on the perimeter network.

D.
Use Encrypting File System (EFS) for all files that contain confidential data stored on the cluster.

Explanation:
The most sensitive element in this case is the network card that uses an Internet-addressable virtual IP address. The question doesn’t mention a firewall implementation or an intrusion detection system (Usually Hardware). Therefore, we should set up packet filtering.

You can configure packet filtering to accept or deny specific types of packets. Packet headers are examined for source and destination addresses, TCP and UDP port numbers, and other information.

Reference:

Craig Zacker, MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Microsoft Press, Redmond, Washington, 2004, p. 7: