CompTIA Security+ (SY0-401) — Question 20

An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start?

Answer options

• A. Review past security incidents and their resolution
• B. Rewrite the existing security policy
• C. Implement an intrusion prevention system
• D. Install honey pot systems

Correct answer: C

Explanation

The best starting point to evaluate the effectiveness of existing security measures is to implement an intrusion prevention system (IPS), as it actively monitors and protects the network from threats. Reviewing past incidents (Option A) is helpful but does not provide a proactive approach. Rewriting the security policy (Option B) and installing honey pot systems (Option D) can be beneficial, but they do not directly assess current security effectiveness.