Information security practitioners are in the midst of implementing a new firewall. Which of the following failure methods would BEST prioritize security in the event of failure?
A fail-secure system will default to a secure state in the event of a failure, blocking all access. A fail-open system will fail in an open state, granting all access. The choice is dependent on whether security or availability is more important after a failure.
The failure method that would BEST prioritize security in the event of failure is:
B. Fail-Closed
A "fail-closed" approach means that in the event of a failure, such as a firewall malfunction or outage, the default behavior is to block all traffic or deny access. This prioritizes security by ensuring that, in the absence of normal operation, the firewall will still enforce a security posture that restricts access and protects the network from potential threats.
The best failure method to prioritize security in the event of failure is B: "Fail-Closed". This means that in the event of a firewall failure, the firewall will deny all network traffic by default, ensuring that no unauthorized traffic is allowed through. This ensures that even if the firewall fails, the network is protected from potentially harmful traffic. Method A, Failover, is a process of automatically switching to a backup system in the event of a failure. While failover can be an effective way to ensure business continuity and minimize downtime, it may not necessarily prioritize security in the event of a firewall failure. Failover can be useful to ensure that network traffic continues to flow, but it does not necessarily guarantee that the traffic is secure. In some cases, the failover system may not be as secure as the primary system, which could result in unauthorized traffic being allowed through the firewall. Therefore, Fail-Closed is considered the best method to prioritize security in the event of a firewall failure as it ensures that no unauthorized traffic is allowed through, even if the firewall fails.
Fail-safe means that a device will not endanger lives or property when it fails. Fail-secure, also called fail-closed, means that access or data will not fall into the wrong hands in a security failure.
Different systems use different terminology, so pay attention to context. When a system affects human safety, “fail-safe” means protecting people at the expense of other assets. When it only affects data, “fail-safe” means protecting confidentiality and integrity at the expense of availability.
The fail-secure (fail-closed) failure state puts the system into a high level of security (and possibly even disables it entirely) until an administrator can diagnose the problem and restore the system to normal operation. The fail-open (fail-safe) state allows users to bypass failed security controls, erring on the side of permissiveness.
The fail-safe can be divided into fail-open and fail-closed depending on the system design and implementation.
Fail-safe is the condition, while fail-open and fail-closed are the result.
Fail Closed - common in situations where security concerns override the need for access.
https://blogs.keysight.com/blogs/tech/nwvs.entry.html/2020/05/20/fail_closed_failop-ZYAt.html
upvoted 3 times
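Added example, not part of the thread: a small Python sketch of the fail-closed versus fail-open behaviour discussed above, applied to a packet-filter style decision. The rule set, addresses, `RuleEngineDown`, `evaluate` and `Gate` are all constructed for illustration and do not correspond to any real firewall product.

```python
import ipaddress
from enum import Enum

class FailureMode(Enum):
    FAIL_CLOSED = "deny"   # security takes priority over availability
    FAIL_OPEN = "allow"    # availability takes priority over security

class RuleEngineDown(Exception):
    """Constructed stand-in for a crashed or unreachable rule engine."""

# Constructed sample policy: (source network, destination port) pairs that are allowed.
ALLOW_RULES = [(ipaddress.ip_network("10.0.0.0/8"), 443),
               (ipaddress.ip_network("10.1.2.0/24"), 22)]

def evaluate(src, dport, engine_up=True):
    """Normal-path decision: default deny unless a rule matches."""
    if not engine_up:
        raise RuleEngineDown("rule engine unavailable")
    addr = ipaddress.ip_address(src)  # raises ValueError on malformed input
    return any(addr in net and dport == port for net, port in ALLOW_RULES)

class Gate:
    """Wraps the decision so that a failure of the control has a defined outcome."""
    def __init__(self, mode):
        self.mode = mode
        self.failures = []  # recorded so operators can alert on degraded operation

    def permit(self, src, dport, engine_up=True):
        try:
            return evaluate(src, dport, engine_up)
        except Exception as exc:  # any failure of the control, not only the expected one
            self.failures.append((src, dport, type(exc).__name__))
            return self.mode is FailureMode.FAIL_OPEN

def demo():
    closed, opened = Gate(FailureMode.FAIL_CLOSED), Gate(FailureMode.FAIL_OPEN)
    traffic = [("10.1.2.7", 22), ("203.0.113.9", 22)]  # constructed sample flows
    healthy = [closed.permit(s, p) for s, p in traffic]
    closed_down = [closed.permit(s, p, engine_up=False) for s, p in traffic]
    open_down = [opened.permit(s, p, engine_up=False) for s, p in traffic]
    return healthy, closed_down, open_down

if __name__ == "__main__":
    print(demo())
```

With the engine healthy both gates give the same answers; the two modes only differ once the control itself fails, which is why the failure list matters for monitoring.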