ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 227 discussion

Actual exam question from CompTIA's CAS-004
Question #: 227
Topic #: 1
[All CAS-004 Questions]

A firewall administrator needs to ensure all traffic across the company network is inspected. The administrator gathers data and finds the following information regarding the typical traffic in the network:



Which of the following is the BEST solution to ensure the administrator can complete the assigned task?

  • A. A full-tunnel VPN
  • B. Web content filtering
  • C. An endpoint DLP solution
  • D. SSL/TLS decryption
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Serliop378 at March 10, 2023, 12:57 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
javier051977
Highly Voted 2 years, 1 month ago
Selected Answer: D
D. SSL/TLS decryption is the best solution to ensure the administrator can complete the assigned task. This is because SSL/TLS encryption is commonly used to protect sensitive information in transit, including login credentials and other personal or confidential data. However, it can also be used to hide malicious traffic from network security devices such as firewalls. By decrypting SSL/TLS traffic, the firewall administrator can inspect all traffic across the network, including any potentially malicious content. Option A, a full-tunnel VPN, would allow for secure remote access to the company network, but it would not necessarily ensure all traffic across the network is inspected. Option B, web content filtering, would restrict access to certain websites, but it would not necessarily ensure all traffic across the network is inspected. Option C, an endpoint DLP (Data Loss Prevention) solution, would protect against the unauthorized transmission of sensitive data, but it would not necessarily ensure all traffic across the network is inspected.
upvoted 10 times
...
Bright07
Most Recent 8 months, 3 weeks ago
Ans D. Reasons. Full-Tunnel VPN is focused on providing secure and private access to a network for remote users by encrypting all their traffic and routing it through a VPN server. SSL/TLS Decryption is focused on inspecting encrypted traffic to ensure it is safe and does not contain malicious content or violate security policies. Choosing between these two depends on your specific needs: If you need secure remote access to a network, a full-tunnel VPN is appropriate. If you need to inspect and analyze encrypted traffic for security threats, SSL/TLS decryption is the solution.
upvoted 1 times
...
EAlonso
10 months ago
D. agree with all the positive comments.
upvoted 1 times
...
Serliop378
2 years, 1 month ago
Selected Answer: D
I chose D bot C, based on my previous comment
upvoted 3 times
...
Hazycore
2 years, 2 months ago
Selected Answer: D
The best solution to ensure all traffic across the company network is inspected is SSL/TLS decryption. This is because SSL/TLS encryption can hide malicious traffic from firewalls and other security measures. By decrypting SSL/TLS traffic, the firewall administrator can inspect all traffic passing through the network, including encrypted traffic. This can help to detect and prevent security threats such as malware, phishing attacks, and data exfiltration.
upvoted 4 times
...
Serliop378
2 years, 2 months ago
Selected Answer: C
Most traffic comes from 443 so TLS/SSL with the keyword INSPECTION
upvoted 1 times
ripper69
2 years, 2 months ago
He needs to inspect ALL traffic, a full VPN tunnel with inspection enabled will inspect ALL traffic.
upvoted 3 times
ripper69
2 years, 2 months ago
Ignore my comment.
upvoted 4 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago