A network engineer is upgrading the network perimeter and installing a new firewall, IDS, and external edge router. The IDS is reporting elevated UDP traffic, and the internal routers are reporting high utilization. Which of the following is the BEST solution?
A. Reconfigure the firewall to block external UDP traffic.
B. Establish a security baseline on the IDS.
C. Block echo reply traffic at the firewall.
D. Modify the edge router to not forward broadcast traffic.
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
B. Establish a security baseline on the IDS. — best answer from the information given. Key points are:
“installing a new firewall, IDS, and external edge router”
Not going to give chapter and verse, but… when installing new equipment, you should baseline it. In this case, was there an old IDS? or is this the first one? Do we even know what that traffic looked like before? Get a baseline and compare future benchmarks to it.
Now – Don’t block all UDP traffic at the firewall. That will make your phone ring for sure
Discussion here:
https://vceguide.com/which-of-the-following-is-the-best-solution-19/