After a security incident, a network security engineer discovers that a portion of the company's sensitive external traffic has been redirected through a secondary ISP that is not normally used.

Which of the following would BEST secure the routes while allowing the network to function in the event of a single provider failure?

Options:

A Disable BGP and implement a single static route for each internal network.
B Implement a BGP route reflector.
C Implement an inbound BGP prefix list.
D Disable BGP and implement OSPF.   

A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications. The SD-WAN routers are managed through a SaaS, and the same security policy is applied to staff whether working in the office or at a remote location. The main requirements are the following:

1. The network supports core applications that have 99.99% uptime.

2. Configuration updates to the SD-WAN routers can only be initiated from the management service.

3. Documents downloaded from websites must be scanned for malware.

Which of the following solutions should the network architect implement to meet the requirements?

Options:

A Reverse proxy, stateful firewalls, and VPNs at the local sites
B IDSs, WAFs, and forward proxy IDS
C DoS protection at the hub site, mutual certificate authentication, and cloud proxy
D IPSs at the hub, Layer 4 firewalls, and DLP

B, C or D which one is correct ???

A security architect for a large, multinational manufacturer needs to design and implement a security solution to monitor traffic.

When designing the solution, which of the following threats should the security architect focus on to prevent attacks against the network?

 A Packets that are the wrong size or length
 B Use of any non-DNP3 communication on a DNP3 port
 C Multiple solicited responses over time
 D Application of an unsupported encryption algorithm

Due to locality and budget constraints, an organization's satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.

Which of the following would be the BEST option to implement?

Options:

A Distributed connection allocation
B Local caching
C Content delivery network
D SD-WAN vertical heterogeneity