A security consultant is helping an organization to enhance the detection capabilities of unauthorized activities within its internal network. The organization's security strategy includes the deployment of Network Intrusion Detection Systems (NIDS) but also emphasizes minimizing the impact on network performance. Which deployment strategy should the consultant recommend?
Configure NIDS sensors in tap/monitor mode to replicate the network traffic non-intrusively.
Set up NIDS sensors to operate in stealth mode, invisible to network hosts and devices.
Deploy NIDS sensors in inline mode to actively moderate and filter traffic.
Place NIDS sensors in promiscuous mode to passively collect traffic without duplicating it.
Placing NIDS sensors in tap/monitor mode would allow the organization to detect unauthorized activities by mirroring the traffic that flows through the network, without injecting any additional latency or load on the primary network path. This strategy helps ensure network performance is not significantly impacted while maintaining an effective security posture. In contrast, inline mode can introduce latency since traffic must flow through the sensor, and promiscuous mode lacks the capability of real-time traffic replication typical of a tap/monitor setup.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Network Intrusion Detection System (NIDS)?
Open an interactive chat with Bash
What are the differences between inline, tap/monitor, and promiscuous modes for NIDS?
Open an interactive chat with Bash
Why is minimizing the impact on network performance important when deploying NIDS?