A new startup company with very limited funds wants to protect the organization from external
threats by implementing some type of best practice security controls across a number of hosts
located in the application zone, the production zone, and the core network. The 50 hosts in the
core network are a mixture of Windows and Linux based systems, used by development staff to
develop new applications. The single Windows host in the application zone is used exclusively by
the production team to control software deployments into the production zone. There are 10 UNIX
web application hosts in the production zone which are publically accessible.
Development staff is required to install and remove various types of software from their hosts on a
regular basis while the hosts in the zone rarely require any type of configuration changes.
Which of the following when implemented would provide the BEST level of protection with the
LEAST amount of disruption to staff?
A.
NIPS in the production zone, HIPS in the application zone, and anti-virus / anti-malware across
all Windows hosts.
B.
NIPS in the production zone, NIDS in the application zone, HIPS in the core network, and antivirus / anti-malware across all hosts.
C.
HIPS in the production zone, NIPS in the application zone, and HIPS in the core network.
D.
NIDS in the production zone, HIDS in the application zone, and anti-virus / anti-malware across
all hosts.