CompTIA Exam Questions

Which of the following would be BEST suited for this task?

Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales
websites. Which of the following would be BEST suited for this task?

A. HIDS

B. Firewall

C. NIPS

D. Spam filter

Explanation:
A network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by
analyzing protocol activity.
Incorrect Answers:
A: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It’s reliable for detecting
attacks directed against a host, whether they originate from an external source or are being perpetrated by a
user locally logged in to the host.
B: Firewalls provide protection by controlling traffic entering and leaving a network.
D: A spam filter is a software or hardware tool whose primary purpose is to identify and block/filter/remove
unwanted messages (that is, spam). Spam is most commonly associated with email, but spam also exists in
instant messaging (IM), short message service (SMS), Usenet, and web discussions/forums/comments/blogs.

http://en.wikipedia.org/wiki/Intrusion_prevention_system
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 47