CSSLP Question #345: Real Exam Question with Answer & Explanation

The correct answer is C: It can handle encrypted and unencrypted traffic equally.. A Host-based Intrusion Prevention System (HIPS) operates on a single host, allowing it to inspect both encrypted and unencrypted traffic, but limiting its visibility to events only on that specific host, preventing detection of network-wide activities.

Secure Software Deployment, Operations, Maintenance

Question

Which of the following statements about a host-based intrusion prevention system (HIPS) are true? Each correct answer represents a complete solution. Choose two.

Options

AIt can detect events scattered over the network.
BIt is a technique that allows multiple computers to share one or more IP addresses.
CIt can handle encrypted and unencrypted traffic equally.
DIt cannot detect events scattered over the network.

Explanation

A Host-based Intrusion Prevention System (HIPS) operates on a single host, allowing it to inspect both encrypted and unencrypted traffic, but limiting its visibility to events only on that specific host, preventing detection of network-wide activities.

Common mistakes.

A. HIPS cannot detect events scattered over the network because its scope is limited to the host where it is installed; network-wide event detection is a function of Network-based IPS (NIPS).
B. The statement "It is a technique that allows multiple computers to share one or more IP addresses" describes Network Address Translation (NAT), not a Host-based Intrusion Prevention System.

Concept tested. Host-based Intrusion Prevention System (HIPS) Capabilities

Topics

#HIPS#Intrusion Prevention#Host Security#Security Controls

Community Discussion

No community discussion yet for this question.

Full CSSLP Practice Browse All CSSLP Questions