CompTIA Network+ (N10-009) — Question 423

After a recent security awareness phishing campaign, the cybersecurity team discovers that additional security measures need to be set up when users access potentially malicious websites. Which of the following security measures will best address this concern?

Answer options

• A. Implement DNS filtering.
• B. Update ACLs to only allow HTTPS.
• C. Configure new IPS hardware.
• D. Deploy 802.1X security features.

Correct answer: A

Explanation

Implementing DNS filtering is the most effective measure as it can block access to known malicious websites before users reach them. Updating ACLs to allow only HTTPS improves security but does not prevent access to harmful sites. Configuring new IPS hardware can detect intrusions but is not specifically focused on user access to dangerous sites. Deploying 802.1X security features primarily enhances network access control rather than directly addressing web access risks.