CompTIA Security+ (SY0-501) — Question 244

A company recently experienced data exfiltration via the corporate network. In response to the breach, a security analyst recommends deploying an out-of-band
IDS solution. The analyst says the solution can be implemented without purchasing any additional network hardware. Which of the following solutions will be used to deploy the IDS?

Answer options

• A. Network tap
• B. Network proxy
• C. Honeypot
• D. Port mirroring

Correct answer: D

Explanation

Port mirroring allows for the duplication of traffic from one port to another, making it possible to monitor the traffic without needing additional hardware. In contrast, a Network tap requires physical hardware installation, a Network proxy serves a different function by acting as an intermediary, and a Honeypot is used for deception and does not monitor traffic directly.