Which of the following will BEST prevent external security attacks?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
Network address translation is helpful by having internal addresses that are nonroutable.
Background checks of temporary employees are more likely to prevent an attack launched from within the enterprise.
Static IP addressing does little to prevent an attack.
Writing all computer logs to removable media does not help in preventing an attack.
Out of the given options, the most effective approach to prevent external security attacks is securing and analyzing system access logs (Option D).
Securing and analyzing system access logs involves regularly monitoring and reviewing the logs of all system access attempts. This helps in identifying any unauthorized access attempts and potential security breaches, and enables timely action to be taken to prevent them. Access logs can provide critical information such as the time, source, and destination of the access attempts, and the type of activity that was attempted or performed. By regularly analyzing these logs, security teams can detect patterns of suspicious activity or identify anomalies in access patterns that could indicate an attack.
Static IP addressing (Option A) is not an effective way to prevent external security attacks. Static IP addressing is simply a method of assigning fixed IP addresses to devices on a network. While it can be useful for network management purposes, it does not inherently provide any security benefits.
Network address translation (Option B) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets. While it can be used to obscure the internal network structure from external attackers, it does not provide any direct security benefits.
Background checks for temporary employees (Option C) can be an important component of an overall security strategy, but it is not the most effective way to prevent external security attacks. Background checks are typically focused on identifying individuals with criminal histories, negative employment histories, or other potential red flags that could make them a security risk. While this can help to reduce the risk of insider threats or social engineering attacks, it does not directly address external security threats.
In summary, the most effective approach to preventing external security attacks is to secure and analyze system access logs (Option D). This enables security teams to detect and respond to potential security breaches in a timely manner, and can help to prevent attackers from gaining unauthorized access to the network.