CompTIA Security Plus Mock Test Q793

Each server on a subnet is configured to only allow SSH access from the administrator’s workstation. Which of the following BEST describes this implementation?

A. Host-based firewalls
B. Network firewalls
C. Network proxy
D. Host intrusion prevention


Correct Answer: A
Section: Application, Data and Host Security

Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet.
These firewalls manage network traffic using filters to block certain ports and protocols while allowing others to pass through the system.

Incorrect Answers:
B: A network firewall protects the entire network from an untrusted public network, such as the Internet by filtering network traffic. It does not filter network traffic on the internal
network.
C: A network proxy is used to protect the local network from external attacks by hiding the IP configuration of the internal clients. It does not filter network traffic.
D: A host-based IPS (HIPS) is an intrusion detection and prevention system that runs as a service on a host computer system. It is used to monitor the machine logs, system events,
and application activity for signs of intrusion.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 111-112, 116-117
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 11, 13-16