CISSP · Question #143
Refer to the information below to answer the question. A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child
The correct answer is B. Intrusion Prevention System (IPS). This question tests knowledge of which security tool can detect unauthorized network application usage, specifically peer-to-peer traffic, when a device connects to the corporate network.
Question
Options
- AAnti-virus software
- BIntrusion Prevention System (IPS)
- CAnti-spyware software
- DIntegrity checking software
How the community answered
(45 responses)- A2% (1)
- B93% (42)
- D4% (2)
Why each option
This question tests knowledge of which security tool can detect unauthorized network application usage, specifically peer-to-peer traffic, when a device connects to the corporate network.
Anti-virus software is designed to detect malicious code and malware signatures on the host system, not to monitor or identify specific network application protocols like peer-to-peer traffic.
An Intrusion Prevention System (IPS) monitors network traffic in real-time and can detect and block specific application-layer protocols and traffic patterns, including peer-to-peer (P2P) file-sharing protocols such as BitTorrent or eDonkey. IPS devices use signature-based and behavioral analysis to identify P2P traffic by its unique communication patterns and port usage. When the laptop connected to the office network, the IPS would have flagged or blocked the P2P traffic based on predefined rules or signatures.
Anti-spyware software focuses on detecting spyware, adware, and tracking software installed on a host, and would not specifically identify or alert on peer-to-peer network application usage.
Integrity checking software monitors file system changes and verifies that system files have not been altered, but it does not analyze network traffic to detect the use of peer-to-peer applications on the network.
Concept tested: IPS detection of unauthorized peer-to-peer network traffic
Source: https://www.cisco.com/c/en/us/products/security/intrusion-prevention-system-ips/index.html
Topics
Community Discussion
No community discussion yet for this question.