
CompTIA Exam CAS-004 Topic 2 Question 60 Discussion

Actual exam question for CompTIA's CAS-004 exam
Question #: 60
Topic #: 2

An IDS was unable to detect malicious network traffic during a recent security incident, even though all traffic was being sent using HTTPS. As a result, a website used by employees was compromised. Which of the following detection mechanisms would allow the IDS to detect an attack like this one in the future?

Suggested Answer: C

An inspection proxy, also known as an SSL/TLS inspection proxy, can decrypt HTTPS traffic, allowing the IDS to analyze the content for malicious activity. This method ensures that encrypted traffic can be inspected without compromising the security of the data in transit. The inspection proxy will re-encrypt the data before sending it on to its destination, maintaining the confidentiality of the communication while enabling security tools to perform their functions.


CompTIA CASP+ CAS-004 Exam Objectives: Section 3.3: Integrate network and security components and implement security controls.

CompTIA CASP+ Study Guide, Chapter 7: Analyzing Security Incidents.

Contribute your Thoughts:

Leslee
2 months ago
I believe inspection proxy could also be useful in detecting such attacks by analyzing the traffic.
upvoted 0 times
...
Otis
2 months ago
I agree with Leontine, protocol decoding would help in detecting malicious traffic sent over HTTPS.
upvoted 0 times
...
Leontine
2 months ago
I think the IDS should use protocol decoding to detect the attack.
upvoted 0 times
...
Glory
3 months ago
I'm going with option C - an inspection proxy. Sounds like it can see through that HTTPS smoke screen and catch the bad guys red-handed. Plus, it has a nice ring to it, don't you think?
upvoted 0 times
Pansy
2 months ago
Deobfuscation might be another good option to consider. It can help reveal the true nature of the encrypted traffic.
upvoted 0 times
...
Larae
2 months ago
I think protocol decoding could also be useful in this situation. It can help analyze the traffic and detect any anomalies.
upvoted 0 times
...
Steffanie
2 months ago
I agree, an inspection proxy sounds like the way to go. It can help uncover hidden threats.
upvoted 0 times
...
...
Kimi
3 months ago
Deobfuscation? Nah, that's for amateurs. Protocol decoding is where it's at - you gotta understand the underlying communication to catch the sneaky stuff.
upvoted 0 times
...
Shakira
3 months ago
Ah, the good old HTTPS trick! Clearly, we need something more sophisticated than just sniffing packets. I'd go with option C - an inspection proxy can peek under the covers and see what's really going on.
upvoted 0 times
Lenna
2 months ago
Deobfuscation might also be necessary to uncover hidden threats within the encrypted traffic.
upvoted 0 times
...
Effie
2 months ago
True, protocol decoding could also be beneficial in detecting malicious activity.
upvoted 0 times
...
Pansy
2 months ago
But wouldn't protocol decoding also be useful in understanding the encrypted traffic?
upvoted 0 times
...
Dahlia
2 months ago
I agree, an inspection proxy would definitely help in this situation.
upvoted 0 times
...
...
