Exam SY0-401 topic 1 question 18 discussion

Actual exam question from CompTIA's SY0-401
Question #: 18
Topic #: 1

Joe, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario?

  • A. Application Firewall
  • B. Anomaly Based IDS
  • C. Proxy Firewall
  • D. Signature IDS
Suggested Answer: B
Anomaly-based detection watches the ongoing activity in the environment and looks for abnormal occurrences. An anomaly-based monitoring or detection method relies on definitions of all valid forms of activity. This database of known valid activity allows the tool to detect any and all anomalies. Anomaly-based detection is commonly used for protocols. Because all the valid and legal forms of a protocol are known and can be defined, any variations from those known valid constructions are seen as anomalies.
Incorrect Answers:
A: An application-aware firewall provides filtering services for specific applications.
C: Proxy firewalls are used to process requests from an outside network; the proxy firewall examines the data and makes rule-based decisions about whether the request should be forwarded or refused. The proxy intercepts all of the packets and reprocesses them for use internally.
D: A signature-based monitoring or detection method relies on a database of signatures or patterns of known malicious or unwanted activity.

Comments

thanhtq00104
6 days, 11 hours ago
Selected Answer: A
Correct Answer A
upvoted 1 times