CompTIA SecurityX (CAS-005) — Question 222

Based on a recent security audit, a company discovered the perimeter strategy is inadequate for its recent growth. To address this issue, the company is looking for a solution that includes the following requirements:

• Collapse of multiple network security technologies into a single footprint
• Support for multiple VPNs with different security contexts
• Support for application layer security (Layer 7 of the OSI Model)

Which of the following technologies would be the most appropriate solution given these requirements?

Answer options

• A. NAT gateway
• B. Reverse proxy
• C. NGFW
• D. NIDS

Correct answer: C

Explanation

The NGFW (Next-Generation Firewall) is designed to merge various network security functions into a unified system, supports multiple VPNs with different security contexts, and provides application layer security. In contrast, a NAT gateway primarily focuses on address translation, a reverse proxy mainly handles requests and does not provide comprehensive security, and NIDS (Network Intrusion Detection System) does not have the capability to support multiple VPNs or application layer security.