In a network security context, what should be regularly monitored and tested?

Study for the EC-Council Certified Ethical Hacker Exam v13. Use flashcards and multiple choice questions with hints and explanations. Prepare for your certification exam today!

Multiple Choice

In a network security context, what should be regularly monitored and tested?

Explanation:
Regularly monitoring and testing must cover the entire network and its security systems. The idea is to maintain visibility across all parts of the infrastructure and the defenses that protect it, not just a single component. Continuous monitoring involves collecting and analyzing logs, traffic patterns, alerts, device health, and configuration compliance across routers, switches, servers, endpoints, and security controls like IDS/IPS, firewalls, and access controls. Regular testing includes activities such as vulnerability assessments, penetration testing, configuration reviews, patch management validation, and incident response drills to verify that controls function as intended and gaps are identified and addressed. Why this is the best fit: focusing only on web content misses the backbone of the network and the security controls that protect it. End-user devices matter, but isolating monitoring to them ignores network infrastructure, servers, and centralized defenses. Limiting testing to firewall rules overlooks misconfigurations, software vulnerabilities, patch levels, and detection capabilities elsewhere in the environment. A holistic approach ensures you detect changes, new threats, and misconfigurations across the whole security posture.

Regularly monitoring and testing must cover the entire network and its security systems. The idea is to maintain visibility across all parts of the infrastructure and the defenses that protect it, not just a single component. Continuous monitoring involves collecting and analyzing logs, traffic patterns, alerts, device health, and configuration compliance across routers, switches, servers, endpoints, and security controls like IDS/IPS, firewalls, and access controls. Regular testing includes activities such as vulnerability assessments, penetration testing, configuration reviews, patch management validation, and incident response drills to verify that controls function as intended and gaps are identified and addressed.

Why this is the best fit: focusing only on web content misses the backbone of the network and the security controls that protect it. End-user devices matter, but isolating monitoring to them ignores network infrastructure, servers, and centralized defenses. Limiting testing to firewall rules overlooks misconfigurations, software vulnerabilities, patch levels, and detection capabilities elsewhere in the environment. A holistic approach ensures you detect changes, new threats, and misconfigurations across the whole security posture.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy