Statements A, B, D and E describe fundamental components of a layered security strategy. Firewalls and intrusion detection systems protect network perimeters and internal traffic, two-factor authentication strengthens access control and audits reveal vulnerabilities. Statement C is false because shared administrator passwords reduce accountability and increase risk. Statement F is false since unencrypted internal traffic can be intercepted or leaked, so all true statements are A, B, D and E.
Option A:
Option A is correct because it reflects a defence-in-depth approach where prevention, monitoring and assessment work together. It correctly rejects password-sharing and the assumption that unencrypted internal networks are always safe, aligning with best practices in security management.
Option B:
Option B is incomplete because it omits E, and thus ignores the importance of regular security audits and vulnerability assessments. While A, B and D are true, they do not cover the continual improvement cycle needed to maintain security posture.
Option C:
Option C is incorrect because it includes F and omits A. Accepting F would leave internal traffic exposed, and leaving out A fails to mention basic firewall protection, so B, D, E and F do not form a complete or fully accurate set.
Option D:
Option D is incomplete because it excludes B and therefore fails to mention intrusion detection or prevention as a monitoring layer. Although A, D and E are correct, this omission means the combination does not include all true statements.
Comment Your Answer
Please login to comment your answer.
Sign In
Sign Up
Answers commented by others
No answers commented yet. Be the first to comment!