+ Reply to Thread
Results 1 to 4 of 4
  1. Senior Member teancum144's Avatar
    Join Date
    Jun 2012
    Location
    Pacific Northwest, USA
    Posts
    227

    Certifications
    CISSP, CISA, CPA (inactive), Network+, Security+
    #1

    Default Securing a Web Server

    A company's security specialist is securing a web server that is reachable from the internet. The web server is located in the core internal corporate network. The network cannot be redesigned and the server cannot be moved. Which of the following should the security specialist implement to secure the web server?
    A. Network-based IDS
    B. Router with firewall rule set
    C. Host-based firewall
    D. Router with an IDS module
    E. Network-based firewall
    F. Host-based IDS

    The answer is "F". However, I think this is a poorly worded question. If "F" said "Host-based IPS", then I would agree. So, given the choices, wouldn't "C" be the best choice?
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member ChooseLife's Avatar
    Join Date
    Feb 2011
    Location
    runlevel 3
    Posts
    926

    Certifications
    BCSc Network Security, VCP, MCSA:Sec, CCNA:Sec, GIAC GSEC, Sec+, ITIL-f
    #2
    G. All of the above

    I think the question is not worded properly. Comes from a guy who secures web servers for living..
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Feb 2012
    Posts
    2,426
    #3
    That is a oddly worded question and answer. The question author uses the term "secure the web server" - so that should normally rule out any IDS techniques. I interpret the word "secure" as introducing a preventative control. An IDS is considered a detective control. So while an IDS is part of any defense in depth strategy - it's not a preventative control which could prevent an intrusion attempt.

    Caveat though - I'm actually not familiar with Security+'s knowledge base so I do not know if there is an expectation that a candidate needs to be able to discern control types.
    Reply With Quote Quote  

  5. Drops by now and again astorrs's Avatar
    Join Date
    May 2008
    Location
    Vancouver, Canada
    Posts
    3,141

    Certifications
    I have numerous certs from VMware, Citrix, Microsoft, EMC, Nimble Storage, Palo Alto Networks and more...
    #4
    Terrible question/answer. As paul78 said an IDS/IPS is only a detective control. If we can't have "All of the above" then I vote for:

    H. Reverse proxy web application firewall
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks