Certified Ethical Hacker (CEH v11) — Question 162

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux.
The perimeter of the data center is secured with firewalls and IPS systems.
What is the best security policy concerning this setup?

Answer options

• A. Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
• B. As long as the physical access to the network elements is restricted, there is no need for additional measures.
• C. There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
• D. The operator knows that attacks and down time are inevitable and should have a backup site.

Correct answer: A

Explanation

Option A is correct because hardening network elements with strong user IDs and passwords, along with regular security assessments, significantly enhances security. Options B and C underestimate the importance of securing the actual network elements, relying solely on perimeter defenses, which can be insufficient. Option D, while recognizing potential threats, does not address the immediate need for proactive security measures for the network elements themselves.