Multiple Choice
A company's existing forward proxies support software-based TLS decryption, but are currently at 60% load just dealing with AV scanning and content analysis for HTTP traffic. More than 70% outbound web traffic is currently encrypted. The switching and routing network infrastructure precludes adding capacity, preventing the installation of a dedicated TLS decryption system. The network firewall infrastructure is currently at 30% load and has software decryption modules that can be activated by purchasing additional license keys. An existing project is rolling out agent updates to end-user desktops as part of an endpoint security refresh. Which of the following is the BEST way to address these issues and mitigate risks to the organization?
A) Purchase the SSL, decryption license for the firewalls and route traffic back to the proxies for end-user categorization and malware analysis.
B) Roll out application whitelisting to end-user desktops and decommission the existing proxies, freeing up network ports.
C) Use an EDP solution to address the malware issue and accept the diminishing role of the proxy for URL categorization in the short team.
D) Accept the current risk and seek possible funding approval in the next budget cycle to replace the existing proxies with ones with more capacity.
Correct Answer:
Verified
Correct Answer:
Verified
Q230: An insurance company has two million customers
Q231: A financial institution's information security officer is
Q232: A security administrator is hardening a TrustedSolaris
Q233: An organization is in the process of
Q234: A security engineer is attempting to convey
Q236: Following a recent data breach, a company
Q237: A company contracts a security engineer to
Q238: A security architect is designing a system
Q239: Given the following code snippet: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1257/.jpg"
Q240: A security engineer is investigating a compromise