CERTIFIED-IN-CYBERSECURITY · Question #167
CERTIFIED-IN-CYBERSECURITY Question #167: Real Exam Question with Answer & Explanation
The correct answer is D: IPS. An intrusion prevention system (IPS) is designed to monitor network traffic in real-time, identifying patterns or behaviors that may indicate an attempted intrusion or other malicious activity. Whenever an IPS detects suspicious activity, it can also act to protect the network (s
Question
An organization needs a network security tool that detects and acts in the event of malicious activity. Which of these tools will BEST meet their needs?
Options
- ARouter
- BIDS
- CFirewall
- DIPS
Explanation
An intrusion prevention system (IPS) is designed to monitor network traffic in real-time, identifying patterns or behaviors that may indicate an attempted intrusion or other malicious activity. Whenever an IPS detects suspicious activity, it can also act to protect the network (such as by blocking suspicious traffic, alerting the network administrator, or initiating a response to contain the threat) (see ISC2 Study Guide, chapter 4, module 2). Another type of network security tool is an intrusion detection system (IDS), which is similar to an IPS, except that it focuses on detecting rather than preventing attacks. Firewalls are network security equipment or software that controls the incoming and outgoing network traffic according to predetermined security rules. They are indeed valuable in network security, but do not typically have the detection capabilities of IDS or IPS. Finally, a router is a networking device that forwards data packets between computer networks, but does not have the same security features as an IPS, IDS or firewall.
Topics
Community Discussion
No community discussion yet for this question.