Securing a Web Server
teancum144
A company's security specialist is securing a web server that is reachable from the internet. The web server is located in the core internal corporate network. The network cannot be redesigned and the server cannot be moved. Which of the following should the security specialist implement to secure the web server?
A. Network-based IDS
B. Router with firewall rule set
C. Host-based firewall
D. Router with an IDS module
E. Network-based firewall
F. Host-based IDS
The answer is "F". However, I think this is a poorly worded question. If "F" said "Host-based IPS", then I would agree. So, given the choices, wouldn't "C" be the best choice?
Comments
ChooseLife
G. All of the above
I think the question is not worded properly. Comes from a guy who secures web servers for a living.
paul78
That is an oddly worded question and answer. The question author uses the term "secure the web server" - so that should normally rule out any IDS techniques. I interpret the word "secure" as introducing a preventative control. An IDS is considered a detective control. So while an IDS is part of any defense-in-depth strategy - it's not a preventative control which could prevent an intrusion attempt.
Caveat though - I'm actually not familiar with Security+'s knowledge base so I do not know if there is an expectation that a candidate needs to be able to discern control types.
astorrs
Terrible question/answer. As paul78 said, an IDS/IPS is only a detective control. If we can't have "All of the above" then I vote for:
H. Reverse proxy web application firewall