Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam CAS-004 Topic 2 Question 60 Discussion

Actual exam question for CompTIA's CAS-004 exam
Question #: 60
Topic #: 2
[All CAS-004 Questions]

An IDS was unable to detect malicious network traffic during a recent security incident, even though all traffic was being sent using HTTPS. As a result, a website used by employees was compromised. Which of the following detection mechanisms would allow the IDS to detect an attack like this one in the future?

Show Suggested Answer Hide Answer
Suggested Answer: C

An inspection proxy, also known as an SSL/TLS inspection proxy, can decrypt HTTPS traffic, allowing the IDS to analyze the content for malicious activity. This method ensures that encrypted traffic can be inspected without compromising the security of the data in transit. The inspection proxy will re-encrypt the data before sending it on to its destination, maintaining the confidentiality of the communication while enabling security tools to perform their functions.


CompTIA CASP+ CAS-004 Exam Objectives: Section 3.3: Integrate network and security components and implement security controls.

CompTIA CASP+ Study Guide, Chapter 7: Analyzing Security Incidents.

by Kiley at Sep 12, 2024, 10:50 PM

Limited Time Offer

25%

Off

Get Premium CAS-004 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Leslee
27 days ago
I believe inspection proxy could also be useful in detecting such attacks by analyzing the traffic.
upvoted 0 times
...
Otis
28 days ago
I agree with Leontine, protocol decoding would help in detecting malicious traffic sent over HTTPS.
upvoted 0 times
...
Leontine
29 days ago
I think the IDS should use protocol decoding to detect the attack.
upvoted 0 times
...
Glory
1 months ago
I'm going with option C - an inspection proxy. Sounds like it can see through that HTTPS smoke screen and catch the bad guys red-handed. Plus, it has a nice ring to it, don't you think?
upvoted 0 times
Pansy
18 days ago
Deobfuscation might be another good option to consider. It can help reveal the true nature of the encrypted traffic.
upvoted 0 times
...
Larae
21 days ago
I think protocol decoding could also be useful in this situation. It can help analyze the traffic and detect any anomalies.
upvoted 0 times
...
Steffanie
1 months ago
I agree, an inspection proxy sounds like the way to go. It can help uncover hidden threats.
upvoted 0 times
...
...
Kimi
2 months ago
Deobfuscation? Nah, that's for amateurs. Protocol decoding is where it's at - you gotta understand the underlying communication to catch the sneaky stuff.
upvoted 0 times
...
Shakira
2 months ago
Ah, the good old HTTPS trick! Clearly, we need something more sophisticated than just sniffing packets. I'd go with option C - an inspection proxy can peek under the covers and see what's really going on.
upvoted 0 times
Lenna
17 days ago
Deobfuscation might also be necessary to uncover hidden threats within the encrypted traffic.
upvoted 0 times
...
Effie
25 days ago
True, protocol decoding could also be beneficial in detecting malicious activity.
upvoted 0 times
...
Pansy
29 days ago
But wouldn't protocol decoding also be useful in understanding the encrypted traffic?
upvoted 0 times
...
Dahlia
1 months ago
I agree, an inspection proxy would definitely help in this situation.
upvoted 0 times
...
...

Save Cancel