An enterprise security manager notices recurring infiltration attempts slipping past network alerts. The manager wants enhanced visibility across network segments to identify suspicious traffic more effectively. Which solution best provides comprehensive oversight of these activities?
Impose tighter firewall policies by blocking outbound connections by default
Broaden antimalware coverage on employee systems to scan for malicious files
Position sensors in major traffic areas and aggregate their event data in a single analytics platform
Require each incoming connection to be approved by a user manual confirmation process
Placing sensors in multiple critical network locations and centralizing logs can reveal events that might otherwise remain hidden. This approach helps correlate data from various sources for stronger detection capabilities. Additional endpoint tools or strict firewall rules can help in some scenarios but do not necessarily address deeper data analysis across multiple network segments. User confirmation can be too disruptive and does not provide continual oversight of lurking threats.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are network sensors, and how do they enhance security visibility?
Open an interactive chat with Bash
Why is centralizing logs in an analytics platform important?
Open an interactive chat with Bash
How is this solution different from stricter firewall policies?