CompTIA CySA+ CS0-003 Practice Question

The correct answer is 'SSL decryption policies on the firewall'. SSL inspection involves decrypting, inspecting, and re-encrypting SSL/TLS encrypted traffic as it passes through a security gateway or firewall. By implementing SSL decryption policies on the firewall, the organization can examine the content of encrypted traffic for potential threats, ensuring that harmful content is not missed due to encryption. This is especially critical as attackers could use encryption to mask malicious activities. 'URL filtering' is incorrect because it does not decrypt traffic but rather filters it based on URLs against a database of categorized websites. 'Application control policies' are incorrect because they manage application usage rather than inspect encrypted content. 'HTTPS deep packet inspection rules' is a misleading answer as deep packet inspection implies a thorough examination of data, but without proper SSL decryption, it cannot inspect encrypted HTTPS traffic.