Statements A, B and D correctly characterise typical roles of firewalls and IDS in network security, whereas C is an unrealistic claim. Firewalls enforce access control policies and IDS tools generate alerts, but no single device can guarantee perfect security. Defence-in-depth recognises the need for multiple layers of protection, procedures and monitoring. Consequently, the combination that includes A, B and D but not C is the only accurate choice.
Option A:
Option A is incomplete because it lists only A and B and omits D. Without mentioning defence-in-depth, one might wrongly assume that firewalls and IDS alone are sufficient, ignoring the multi-layered strategies recommended in practice.
Option B:
Option B is incorrect because it includes A, B and C and thereby accepts C. The assertion that a firewall always guarantees safety ignores new threats, misconfigurations and insider risks, so this combination cannot be accepted.
Option C:
Option C is correct because it captures the complementary functions of firewalls and IDS and acknowledges that they must be part of a broader security architecture. By excluding C, it rejects the mistaken belief in absolute protection through a single device.
Option D:
Option D is incomplete because it groups B and D only and leaves out A. Statement A provides the basic definition of what a firewall does, and its omission makes the combination conceptually incomplete.
Comment Your Answer
Please login to comment your answer.
Sign In
Sign Up
Answers commented by others
No answers commented yet. Be the first to comment!