A large organization has implemented several security measures to protect its network infrastructure. As part of their continuous monitoring strategy, they want to ensure that any unauthorized access or anomalies in their network traffic are quickly identified and investigated. Which of the following security measures would best serve this purpose?
Deploy additional firewalls to segment network traffic.
Increase frequency of anti-virus software updates on all endpoints.
Implement an Intrusion Detection System (IDS) to monitor network traffic.
Conduct regular security training sessions for all network administrators.
Intrusion Detection Systems (IDS) are designed to monitor network and system activity for malicious behavior or policy violations. A well-configured IDS can detect numerous types of malicious network traffic and computer usage that often go unnoticed by a firewall, which makes it an excellent choice for identifying unauthorized access or anomalies. Anti-virus software, while useful for detecting and removing malware, does not generally monitor network traffic for anomalies. Firewalls are a type of preventive control that helps to block unauthorized access based on predefined rules, but they do not detect anomalies after the traffic has passed through. Security training is essential for personnel but does not serve the specific purpose of monitoring network anomalies.