Certified Information Systems Security Professional (CISSP) — Question 77
A network security engineer needs to ensure that a security solution analyzes traffic for protocol manipulation and various sorts of common attacks. In addition, all
Uniform Resource Locator (URL) traffic must be inspected and users prevented from browsing inappropriate websites. Which of the following solutions should be implemented to enable administrators the capability to analyze traffic, blacklist external sites, and log user traffic for later analysis?
Answer options
- A. Application-Level Proxy
- B. Intrusion detection system (IDS)
- C. Host-based Firewall
- D. Circuit-Level Proxy
Correct answer: A
Explanation
The Application-Level Proxy is designed to inspect and control traffic at the application layer, making it capable of analyzing protocol manipulation and blocking access to inappropriate websites. The Intrusion Detection System (IDS) primarily focuses on detecting attacks rather than blocking them, the Host-based Firewall is limited to protecting individual devices, and the Circuit-Level Proxy does not inspect the application data, making them less suitable for the requirements stated.