CompTIA Security+ (SY0-701) — Question 445

A security team is in the process of hardening the network against externally crafted malicious packets. Which of the following is the most secure method to protect the internal network?

Answer options

• A. Anti-malware solutions
• B. Host-based firewalls
• C. Intrusion prevention systems
• D. Network access control
• E. Network allow list

Correct answer: C

Explanation

The correct answer is C, Intrusion prevention systems, as they actively monitor and block potential threats in real-time, providing a robust defense against malicious packets. While anti-malware solutions (A) and host-based firewalls (B) are useful, they do not offer the same level of proactive protection. Network access control (D) and network allow lists (E) help regulate access but do not specifically address the prevention of malicious packet attacks.