An engineer is monitoring network traffic from their sales and product development departments, which are on two separate networks. What must be configured in order to maintain data privacy for both departments?
A. Use passive IDS ports for both departments.
B. Use a dedicated IPS inline set for each department to maintain traffic separation.
C. Use 802.1Q inline set Trunk interfaces with VLANs to maintain logical traffic separation.
D. Use one pair of inline set in TAP mode for both departments.
I understand why you might think that, but using passive IDS ports (option A) would only allow for monitoring traffic without actively managing or separating it. This wouldn't ensure data privacy between the two departments.
Using 802.1Q inline set Trunk interfaces with VLANs (option C) is the best choice because it allows for logical separation of traffic, ensuring that data from the sales and product development departments remain private and secure.
Using passive IDS ports (option A) can monitor traffic without actively interfering, but it doesn't inherently ensure data privacy between departments.
To maintain data privacy for both departments, option B (using a dedicated IPS inline set for each department) is the best choice. This setup ensures that traffic from each department is monitored separately, maintaining privacy and security for both networks.
Option C (using 802.1Q inline set Trunk interfaces with VLANs) is also a valid approach for logical separation, but it may not offer the same level of dedicated security and privacy as using separate IPS inline sets.
So, while option A can monitor traffic passively, option B is generally preferred for maintaining strict data privacy and security.
It's D which is correct; A, B and C are incorrect. Check this out: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200924-configuring-firepower-threat-defense-int.html
Using Passive Mode for these two departments only consumes two interfaces, while all the other options would consume four interfaces. Besides, since Passive Mode is configured at the interface level, it can largely prevent policy misconfiguration when applying an Access Control Policy with drop action, traffic redirection, SSL encryption, etc., which can provide confidence to users.
Answer A, which suggests using a dedicated IDS inline set for each department to maintain traffic separation, is a better choice for passively monitoring and separating the two departments. Using an IDS instead of an IPS avoids the risk of accidentally blocking legitimate traffic, while still allowing for monitoring and detection of potential threats. Additionally, using dedicated inline sets for each department ensures that their traffic is kept separate and prevents any accidental leakage of sensitive information between the two departments.
It doesn't say inline set though. It says IDS ports, which I'm imagining is just a standard port configuration with Snort enabled for IDS. The two departments would still be able to route to each other. The VLAN approach sounds best.
C. Use 802.1Q inline set Trunk interfaces with VLANs to maintain logical traffic separation.
By using 802.1Q inline set trunk interfaces with VLANs, each department can be isolated on separate VLANs while still passing through the same FTD device. This allows for logical separation of network traffic while maintaining data privacy for each department. Using a dedicated IPS inline set for each department would require multiple FTD devices, and using one pair of inline set in TAP mode for both departments would not provide sufficient network isolation. Using passive IDS ports would not allow for any traffic to be blocked, which could lead to security vulnerabilities.
C. Use 802.1Q inline set Trunk interfaces with VLANs to maintain logical traffic separation.
To maintain data privacy for both departments, the engineer should use logical traffic separation using VLANs. By configuring 802.1Q trunk interfaces with VLANs, the engineer can separate the traffic from the two departments into different VLANs, which will keep the traffic from each department separate and secure.
Option A is not a viable solution for maintaining data privacy as passive IDS ports only monitor network traffic and do not provide any separation or protection.
Option B is also not the best solution as dedicated IPS inline sets can be expensive and difficult to manage for multiple departments, and can potentially introduce additional latency or points of failure.
Option D is not recommended as it will allow both departments to receive the same traffic and potentially expose sensitive information to both parties.
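The VLAN-based logical separation this answer describes, as an added example that is not part of the original thread: a small Python parser that reads the 802.1Q tag from an Ethernet frame on a trunk and maps the VLAN ID to a department, refusing untagged frames and frames from VLANs that belong to neither department. The VLAN IDs, MAC addresses and department mapping are constructed for the example and are not from the question or from Cisco documentation.

```python
import struct

ETHERTYPE_8021Q = 0x8100  # TPID that marks an 802.1Q-tagged frame

# Constructed for this example: which VLAN ID carries which department's traffic.
VLAN_TO_DEPT = {10: "sales", 20: "product-dev"}


def parse_frame(frame: bytes) -> dict:
    """Parse an Ethernet II frame; return addresses, VLAN ID (or None) and payload."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"), "vlan": None}
    if ethertype == ETHERTYPE_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, inner_type = struct.unpack("!HH", frame[14:18])
        info["vlan"] = tci & 0x0FFF      # 12-bit VLAN identifier
        info["pcp"] = tci >> 13          # 3-bit priority code point
        info["ethertype"] = inner_type   # EtherType of the encapsulated payload
        info["payload"] = frame[18:]
    else:
        info["ethertype"] = ethertype
        info["payload"] = frame[14:]
    return info


def classify(frame: bytes) -> str:
    """Assign a trunk frame to a department by VLAN ID; refuse anything else."""
    vid = parse_frame(frame)["vlan"]
    if vid is None:
        return "drop:untagged"          # no tag on a trunk: cannot attribute it
    return VLAN_TO_DEPT.get(vid, f"drop:unknown-vlan-{vid}")


def build_tagged_frame(vid: int, payload: bytes = b"\x45" + b"\x00" * 19) -> bytes:
    """Build a constructed 802.1Q-tagged IPv4 frame with sample MAC addresses."""
    dst = bytes.fromhex("001122334455")
    src = bytes.fromhex("66778899aabb")
    tci = (0 << 13) | (vid & 0x0FFF)   # PCP 0, DEI 0, then the VLAN ID
    return dst + src + struct.pack("!HHH", ETHERTYPE_8021Q, tci, 0x0800) + payload


def build_untagged_frame(payload: bytes = b"\x45" + b"\x00" * 19) -> bytes:
    """Build a constructed untagged IPv4 frame with the same sample MAC addresses."""
    dst = bytes.fromhex("001122334455")
    src = bytes.fromhex("66778899aabb")
    return dst + src + struct.pack("!H", 0x0800) + payload
```

Calling `classify(build_tagged_frame(10))` yields "sales" and `classify(build_untagged_frame())` yields "drop:untagged", which is the property the trunk design relies on: a frame is only ever attributed to the department whose VLAN tag it carries.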
B sounds like the logical pick... But what sold me on A was the IPS vs IDS. Answer B sets IPS, which can be intrusive, whereas Answer A sets IDS, which is for monitoring ONLY. The question is about passively monitoring and separating two departments. Answer is A.