CompTIA Security Plus Mock Test Q696

Which of the following devices is used for the transparent security inspection of network traffic by redirecting user packets prior to sending the packets to the intended destination?

A. Proxies
B. Load balancers
C. Protocol analyzer
D. VPN concentrator


Correct Answer: A
Section: Threats and Vulnerabilities

Explanation:
A proxy is a device that acts on behalf of other(s). A commonly used proxy in computer networks is a web proxy. Web proxy functionality is often combined into a proxy firewall.
A proxy firewall can be thought of as an intermediary between your network and any other network. Proxy firewalls are used to process requests from an outside network; the proxy
firewall examines the data and makes rule-based decisions about whether the request should be forwarded or refused. The proxy intercepts all of the packets and reprocesses them
for use internally. This process includes hiding IP addresses.
The proxy firewall provides better security than packet filtering because of the increased intelligence that a proxy firewall offers. Requests from internal network users are routed
through the proxy. The proxy, in turn, repackages the request and sends it along, thereby isolating the user from the external network. The proxy can also offer caching, should the
same request be made again, and it can increase the efficiency of data delivery.

Incorrect Answers:
B: A load balancer distributes traffic between servers. For example, you could have two or more web servers hosting your corporate website. The DNS record for the website will point
to the virtual IP of the load balancer. The load balancer will then share web requests between the web servers. A load balancer is not what is described in this question.
C: A Protocol Analyzer is program used to capture network data communications sent between devices on a network with the purpose of examining the data. Traffic is not ‘redirected’
to a Protocol Analyzer and the Protocol Analyzer does not then send the packets to the intended destination.
D: VPNs are used to make connections between private networks across a public network, such as the Internet. A VPN concentrator is a hardware device used to create remote
access VPNs. The concentrator creates encrypted tunnel sessions between hosts. A VPN concentrator is not what is described in this question.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 98