GIAC Cybersecurity Technologies Practice Test 2025 – Complete Exam Prep

The selection of a firewall as a likely source of logs for HTTP network traffic data is appropriate as firewalls are specifically designed to monitor and control incoming and outgoing network traffic based on predetermined security rules. They often maintain logs that capture data about HTTP requests and responses, including details like source and destination IP addresses, ports, and protocols used, which are critical for understanding web traffic patterns and identifying potential security threats.

A firewall inspects the content of the HTTP traffic, providing insights into which websites are being accessed and which users are generating that traffic. This capability makes firewalls an integral part of network security, as they help in detecting and logging suspicious activities that could indicate malicious behavior, such as unauthorized access attempts or data exfiltration.

In contrast, the other options do not serve primarily as sources of HTTP traffic logging. A Layer 2 switch primarily operates at the data link layer, managing data frames and does not log the higher-level protocols such as HTTP. A DNS Server is focused on resolving domain names to IP addresses, not tracking HTTP traffic directly. Similarly, an Active Directory Server primarily handles authentication and directory services and does not log HTTP traffic as part of its core functions. Hence, firewalls stand out as the most relevant source for HTTP network traffic