Exam SY0-701 topic 1 question 472 discussion

E. Network allow list Here’s why: • A network allow list (also known as a whitelist) ensures that only trusted sources or specific IP addresses are allowed to send traffic to the internal network. This approach effectively blocks all untrusted external traffic, which directly prevents malicious packets from entering the network in the first place.

C. Intrusion Prevention Systems (IPS) Explanation: An Intrusion Prevention System (IPS) actively monitors network traffic for suspicious patterns or malicious packets and blocks them before they can reach the internal network. IPS is specifically designed to detect and prevent externally crafted malicious packets, making it the most secure and effective solution for this scenario. Other Options: B. Host-based firewalls: While useful for protecting individual devices, they are not sufficient to secure the entire internal network from malicious packets. D. Network access control (NAC): NAC is focused on ensuring that only authorized devices can connect to the network but does not inspect or block malicious packets. E. Network allow list: This approach can restrict access to only known safe sources but is less dynamic and effective against crafted malicious packets compared to IPS.

An IPS provides comprehensive protection against malicious network traffic by analyzing and filtering packets before they reach the internal network.