Your company has a strict requirement for monitoring network traffic without introducing any additional latency or potential points of failure within the data path. Which type of security device deployment would best suit the company's needs?
Install a Layer 7 firewall to actively inspect all incoming and outgoing packets.
Implement an active intrusion prevention system that inspects and potentially alters network traffic.
Use a network tap to inject custom packets for traffic shaping and policy enforcement.
Deploy a passive intrusion detection system that monitors a mirrored copy of the network traffic.
A passive device, such as a network tap or a passive intrusion detection system, operates by listening to a copy of the traffic as it flows through the network without actively interacting with it. These devices fulfill the company's requirement by providing monitoring capabilities without adding latency or becoming a point of failure, as they don't sit in-line with the live data stream.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between passive and active intrusion detection systems?
Open an interactive chat with Bash
What is a network tap, and how does it work?
Open an interactive chat with Bash
Why is it important to avoid latency and points of failure in network monitoring?