CompTIA CySA+ (CS0-002) — Question 199

A cybersecurity analyst is concerned about attacks that use advanced evasion techniques. Which of the following would best mitigate such attacks?

Answer options

• A. Keeping IPS rules up to date
• B. Installing a proxy server
• C. Applying network segmentation
• D. Updating the antivirus software

Correct answer: C

Explanation

Implementing network segmentation is the best way to mitigate advanced evasion techniques, as it limits an attacker's ability to move laterally within the network. While keeping IPS rules updated, installing a proxy server, and updating antivirus software are important security practices, they do not provide the same level of containment and control as network segmentation does.