nerdexam
(ISC)2

CISSP · Question #143

Refer to the information below to answer the question. A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child

The correct answer is B. Intrusion Prevention System (IPS). This question tests knowledge of which security tool can detect unauthorized network application usage, specifically peer-to-peer traffic, when a device connects to the corporate network.

Submitted by tyler.j· Mar 5, 2026Communication and Network Security

Question

Refer to the information below to answer the question. A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization's Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access. Which of the following solutions would have MOST likely detected the use of peer-to-peer programs when the computer was connected to the office network?

Options

  • AAnti-virus software
  • BIntrusion Prevention System (IPS)
  • CAnti-spyware software
  • DIntegrity checking software

How the community answered

(45 responses)
  • A
    2% (1)
  • B
    93% (42)
  • D
    4% (2)

Why each option

This question tests knowledge of which security tool can detect unauthorized network application usage, specifically peer-to-peer traffic, when a device connects to the corporate network.

AAnti-virus software

Anti-virus software is designed to detect malicious code and malware signatures on the host system, not to monitor or identify specific network application protocols like peer-to-peer traffic.

BIntrusion Prevention System (IPS)Correct

An Intrusion Prevention System (IPS) monitors network traffic in real-time and can detect and block specific application-layer protocols and traffic patterns, including peer-to-peer (P2P) file-sharing protocols such as BitTorrent or eDonkey. IPS devices use signature-based and behavioral analysis to identify P2P traffic by its unique communication patterns and port usage. When the laptop connected to the office network, the IPS would have flagged or blocked the P2P traffic based on predefined rules or signatures.

CAnti-spyware software

Anti-spyware software focuses on detecting spyware, adware, and tracking software installed on a host, and would not specifically identify or alert on peer-to-peer network application usage.

DIntegrity checking software

Integrity checking software monitors file system changes and verifies that system files have not been altered, but it does not analyze network traffic to detect the use of peer-to-peer applications on the network.

Concept tested: IPS detection of unauthorized peer-to-peer network traffic

Source: https://www.cisco.com/c/en/us/products/security/intrusion-prevention-system-ips/index.html

Topics

#P2P detection#IPS#network security#traffic monitoring

Community Discussion

No community discussion yet for this question.

Full CISSP Practice