Exam SY0-601 topic 1 question 599 discussion

To address the issue of suspicious attempts to access company resources that were not detected, the best solution to implement on the company's network would be an Intrusion Prevention System (IPS). An Intrusion Prevention System (IPS) is a security device or software application that monitors network traffic for malicious activity and can automatically take action to block or prevent potential threats. It goes beyond intrusion detection by actively analyzing network traffic in real-time and can actively respond to identified threats. With an IPS in place, the system can detect and block suspicious activities, such as unauthorized attempts to access company resources, before they can cause harm. It provides an additional layer of security to the network and can help to mitigate various cyber threats.

How does an IPS deal with something it can't detect? Going with my gut on this one and saying a jump server is the correct answer!

IPS detect and prevents it

To address the issue of suspicious attempts to access company resources that were not detected, the best solution to implement on the company's network would be an Intrusion Prevention System (IPS). An Intrusion Prevention System (IPS) is a security device or software application that monitors network traffic for malicious activity and can automatically take action to block or prevent potential threats. It goes beyond intrusion detection by actively analyzing network traffic in real-time and can actively respond to identified threats. With an IPS in place, the system can detect and block suspicious activities, such as unauthorized attempts to access company resources, before they can cause harm. It provides an additional layer of security to the network and can help to mitigate various cyber threats.

We have 2 issues to correct: 1 ) attempts to access company resources 2 ) lack of detection.

A. Intrusion prevention system An Intrusion Prevention System (IPS) would be the best solution to implement on the company's network to detect and prevent suspicious attempts to access company resources. IPS monitors network and/or system activities for malicious exploits or security policy violations and can automatically respond to block or prevent those activities.

How would a jump server detect? Answer is A

It's A because the company didn't have the IPS is why they didn't detect it to begin with. So getting the IPS provides the information needed. Jumpr server wouldn't attack it's own. This was an attack to get the resources.

Jump server isn't to detect or prevent intrusion attempts across the entire network.

they were not detected, means their ips or any means of security didn't, jump server is an addition which is exactly what is needed here

jump server is the correct answer , it will not allow any one to access , only the authorized by inserting the username and password with MFA 'OTP'