CompTIA Security+ (SY0-601) — Question 424

Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

Answer options

• A. Compensating control
• B. Network segmentation
• C. Transfer of risk
• D. SNMP traps

Correct answer: A

Explanation

The correct answer is A, as a compensating control is a security measure that is put in place to mitigate risk when the primary control fails or is not feasible. The other options do not apply in this scenario; network segmentation refers to dividing networks to enhance security, transfer of risk involves shifting risk to another party, and SNMP traps are used for network management, not directly related to firewall configurations.