CompTIA Security Plus Mock Test Q185

Which of the following would be MOST appropriate to secure an existing SCADA system by preventing connections from unauthorized networks?

A. Implement a HIDS to protect the SCADA system
B. Implement a Layer 2 switch to access the SCADA system
C. Implement a firewall to protect the SCADA system
D. Implement a NIDS to protect the SCADA system

Correct Answer: C
Section: Network Security

Explanation:
Firewalls manage traffic using filters; a filter is just a rule or set of rules. A recommended guideline for firewall rules is, “deny by default; allow by exception”. This means that if a network connection is not specifically allowed, it will be denied.

Incorrect Answers:
A: A HIDS monitors the inbound and outbound packets from a host device only and will alert the user or administrator if suspicious activity is detected.
B: A switch is a networking device used to connect other devices together and potentially implement traffic management on their communications.
D: A NIDS monitors traffic to and from all devices on the network and will alert the administrator if suspicious activity is detected.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 6, 9, 23
https://en.wikipedia.org/wiki/Intrusion_detection_system