CompTIA CASP+ Practice Test

Which traffic control method can ensure that a company effectively inspects HTTPS traffic for malware?

• A. Transparent proxy server
• B. Layer-7 firewall
• C. Content Delivery Network
• D. Network intrusion detection system

The correct answer is: Transparent proxy server

Using a transparent proxy server is a highly effective method for inspecting HTTPS traffic for malware. This type of proxy operates at the network level, allowing it to intercept and analyze outgoing and incoming traffic without requiring explicit configuration on client devices. When a transparent proxy is employed, it can inspect SSL/TLS traffic by performing SSL decryption. Once the encrypted HTTPS traffic is decrypted, the proxy can analyze the content for potential malware or other threats before it re-encrypts the traffic and forwards it to its destination. This process ensures that the organization maintains visibility and security over encrypted communications, which is essential since malware can often be hidden within encrypted traffic. Other options fall short in terms of translucent inspection capabilities for HTTPS. For instance, while a Layer-7 firewall can inspect traffic at the application layer, it typically requires additional configurations for SSL decryption and may not be as automated or seamless as a transparent proxy. A Content Delivery Network (CDN) primarily focuses on content distribution and performance optimization rather than security inspection. Similarly, a network intrusion detection system (NIDS) reviews traffic for suspicious activity but does not alter traffic or facilitate decryption, making it less effective for thorough HTTPS traffic inspection. Overall, a transparent proxy server stands out as the optimal choice