During a routine security audit, an IT administrator notices unexpected and irregular traffic patterns when reviewing network logs. The traffic anomalies are consistent with the interception of data between two network nodes. Which security measure should be immediately evaluated and reinforced to mitigate this type of threat?
Update antivirus software on all endpoints
Enable network firewalls to filter incoming and outgoing traffic
Implement strong encryption protocols for data transmissions
Change all network device passwords
Improve physical security around networked devices
Implementing strong encryption protocols ensures that even if data packets are intercepted during transmission, the contents remain secure and unreadable to unauthorized users. Encryption is a direct countermeasure to on-path attacks by protecting the data in transit, which is likely being targeted in the described scenario.
Why the other answers are incorrect:
Updating antivirus software, though essential for overall security, does not directly address the interception of data in transit.
Improving physical security is generally aimed at protecting the hardware and environment, not the data transmitted between nodes.
Changing network device passwords adds a layer of security but would not protect from interception already occurring.
Enabling network firewalls helps block unauthorized access to networks but might not be sufficient if the data is being intercepted through a compromised but authorized channel.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are strong encryption protocols, and why are they important?
Open an interactive chat with Bash
What types of data transmissions benefit from encryption?
Open an interactive chat with Bash
What is the difference between symmetric and asymmetric encryption?