An administrator is looking to implement a security device which will be able not only to detect network intrusions at the organization level, but also help to defend against them. Which of the following is being described here?
Suggested Answer:B🗳️
Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it Incorrect Answers: A: A network-based IDS (NIDS) watches network traffic in real time. Its reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks. C: Host-based intrusion prevention system (HIPS) is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host. D: A host-based IDS (HIDS) watches the audit trails and log files of a host system. Its reliable for detecting attacks directed against a host, whether they originate from an external source or are being perpetrated by a user locally logged in to the host. References: http://en.wikipedia.org/wiki/Intrusion_prevention_system , Sybex, Indianapolis, 2014, p. 21
Currently there are no comments in this discussion, be the first to comment!
This section is not available anymore. Please use the main Exam Page.SY0-401 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Comments