A firewall administrator needs to ensure all traffic across the company network is inspected. The administrator gathers data and finds the following information regarding the typical traffic in the network:
Which of the following is the BEST solution to ensure the administrator can complete the assigned task?
SSL/TLS decryption is the best solution to ensure the administrator can complete the assigned task. The table shows that the majority of the traffic (91.4%) is over TCP port 443, which is typically used for HTTPS (SSL/TLS encrypted traffic). To inspect this encrypted traffic, SSL/TLS decryption is required. Without decryption, the contents of the HTTPS traffic would remain hidden, preventing effective inspection and potential threat detection.
D. SSL/TLS decryption is the best solution to ensure the administrator can complete the assigned task. This is because SSL/TLS encryption is commonly used to protect sensitive information in transit, including login credentials and other personal or confidential data. However, it can also be used to hide malicious traffic from network security devices such as firewalls. By decrypting SSL/TLS traffic, the firewall administrator can inspect all traffic across the network, including any potentially malicious content. Option A, a full-tunnel VPN, would allow for secure remote access to the company network, but it would not necessarily ensure all traffic across the network is inspected. Option B, web content filtering, would restrict access to certain websites, but it would not necessarily ensure all traffic across the network is inspected. Option C, an endpoint DLP (Data Loss Prevention) solution, would protect against the unauthorized transmission of sensitive data, but it would not necessarily ensure all traffic across the network is inspected.
The best solution to ensure all traffic across the company network is inspected is SSL/TLS decryption. This is because SSL/TLS encryption can hide malicious traffic from firewalls and other security measures. By decrypting SSL/TLS traffic, the firewall administrator can inspect all traffic passing through the network, including encrypted traffic. This can help to detect and prevent security threats such as malware, phishing attacks, and data exfiltration.
I chose D bot C, based on my previous comment
D. agree with all the positive comments.
Most traffic comes from 443 so TLS/SSL with the keyword INSPECTION
He needs to inspect ALL traffic, a full VPN tunnel with inspection enabled will inspect ALL traffic.
Ignore my comment.