CompTIA Security+ (SY0-501) — Question 594

An intruder sniffs network traffic and captures a packet of internal network transactions that add funds to a game card. The intruder pushes the same packet multiple times across the network, which increments the funds on the game card. Which of the following should a security administrator implement to BEST protect against this type of attack?

Answer options

• A. An IPS
• B. A WAF
• C. SSH
• D. An IPSec VPN

Correct answer: D

Explanation

Implementing an IPSec VPN encrypts the data being transmitted, making it difficult for an intruder to capture and replay packets successfully. The other options, while they provide security benefits, do not specifically address the replay attack scenario as effectively as an IPSec VPN does.