CompTIA CASP+ (CAS-004) — Question 301

Based on a recent security audit, a company discovered the perimeter strategy is inadequate for its recent growth. To address this issue, the company is looking for a solution that includes the following requirements:

• Collapse of multiple network security technologies into a single footprint
• Support for multiple VPNs with different security contexts
• Support for application layer security (Layer 7 of the OSI Model)

Which of the following technologies would be the most appropriate solution given these requirements?

Answer options

• A. NAT gateway
• B. Reverse proxy
• C. NGFW
• D. NIDS

Correct answer: C

Explanation

The NGFW (Next-Generation Firewall) is designed to integrate multiple security features into a single platform, making it ideal for the company's requirements. It supports various VPN configurations and provides advanced application layer security. In contrast, a NAT gateway primarily handles address translation, a reverse proxy does not consolidate multiple security technologies, and NIDS focuses on intrusion detection rather than comprehensive network security.