Which two features must a next generation firewall include? (Choose two.)
A. data mining
B. host-based antivirus
C. application visibility and control
D. Security Information and Event Management
E. intrusion detection system
Which two features must a next generation firewall include? (Choose two.)
A. data mining
B. host-based antivirus
C. application visibility and control
D. Security Information and Event Management
E. intrusion detection system
– Data mining is clearly incorrect.
– Host based antivirus is impossible, because a NGFirewall is a network device.
– Application visibility and control, I understand it as the capability of analyse the traffic of an app and categorize them (i.e. p2p app, whatsapp traffic…). So, this is correct.
– SIEM is incorrect because a NGFW usually doesnt has the capability of correlate events
– IDS is clearly correct.
Hope it helps
IPS is a huge feature of NGFW but you never see IDS advertised anymore – (Maybe they include it as a IPS/IDS package).
https://www.cisco.com/c/dam/en/us/products/collateral/security/next-gen-firewall.pdf – The following link talks about NGFW supporting third party solutions such as SIEM. While SIEM isn’t a default feature of NGFW, it’s a keyword used in their documentation whereas there is no IDS mentioned.
Why C&E please explain your answer
correct? is C & E?