A large organization has implemented several security measures to protect its network infrastructure. As part of its continuous monitoring strategy, it wants to ensure that any unauthorized access or anomalies in its network traffic are quickly identified and investigated. Which of the following security measures would best serve this purpose?
Implement an Intrusion Detection System (IDS) to monitor network traffic.
Conduct regular security training sessions for all network administrators.
Deploy additional firewalls to segment network traffic.
Increase the frequency of anti-virus software updates on all endpoints.
Intrusion Detection Systems (IDS) are designed to monitor network and system activities for malicious activity or policy violations. A well-configured IDS can detect numerous types of malicious network traffic and computer usage that often go unnoticed by a firewall, which makes it an excellent choice for identifying unauthorized access or anomalies. Anti-virus software, while useful for detecting and removing malware, does not generally monitor network traffic for anomalies. Firewalls are preventive controls that block unauthorized access based on predefined rules but do not inspect traffic for anomalies after it has been allowed through. Security training is essential for personnel but does not continuously monitor network traffic.