Which IPS mode provides the maximum number of actions?
A.
inline
B.
promiscuous
C.
span
D.
failover
E.
bypass
Explanation:
BD
The first option is to put a sensor inline with the traffic, which just means that any traffic going through your
network is forced to go in one physical or logical port on the sensor.
Because the sensor is inline with the network, and because it can drop a packet and deny that packet from ever
reaching its final destination (because it might cause harm to that destination), the sensor has in fact just
prevented that attack from being carried out. That is the concept behind intrusion prevention systems (IPS).
Whenever you hear IPS mentioned, you immediately know that the sensor is inline with the traffic, which makes
it possible to prevent the attack from making it further into the network.
Source: Cisco Official Certification Guide, Difference Between IPS and IDS, p.460