CompTIA Security+ (SY0-501) — Question 35

Malicious traffic from an internal network has been detected on an unauthorized port on an application server.
Which of the following network-based security controls should the engineer consider implementing?

Answer options

• A. ACLs
• B. HIPS
• C. NAT
• D. MAC filtering

Correct answer: A

Explanation

The correct answer is A, ACLs, as they can be used to control access to network resources by allowing or denying traffic based on predefined rules. HIPS (B) focuses on host-based intrusion prevention and does not specifically control network traffic flow. NAT (C) is used for IP address translation and does not inherently provide security against unauthorized access. MAC filtering (D) can restrict access based on physical addresses but is less effective than ACLs for controlling traffic on a network segment.