CompTIA CASP+ (CAS-004) — Question 419

An IDS was unable to detect malicious network traffic during a recent security incident, even though all traffic was being sent using HTTPS. As a result, a website used by employees was compromised. Which of the following detection mechanisms would allow the IDS to detect an attack like this one in the future?

Answer options

• A. Deobfuscation
• B. Protocol decoding
• C. Inspection proxy
• D. Digital rights management

Correct answer: C

Explanation

The correct answer, Inspection proxy, allows for deeper analysis of encrypted traffic, enabling the IDS to identify potential threats that are otherwise hidden. Deobfuscation and protocol decoding may assist in understanding obfuscated or malformed traffic, but they do not provide the active monitoring capabilities that an inspection proxy offers. Digital rights management is unrelated to network traffic detection and focuses more on protecting intellectual property.