Which of the following security applications is least likely to be included in a vendor’s desktop security suite?
(Select the best answer.)
A.
antivirus software
B.
a HIPS
C.
a personal firewall
D.
a proxy server
Explanation:
Of the available choices, a proxy server is least likely to be included in a vendor’s desktop security suite. A
proxy server is typically an application layer gateway that provides resource caching and traffic filtering for a
particular class of traffic, such as web content. Although you could install a proxy server locally on a host, it
would not have a significant effect on malicious traffic directed at the host nor would it be able to analyze its
content.
A Hostbased Intrusion Prevention System (HIPS) can be installed on a host to analyze and prevent malicioustraffic on that host and is more likely to be included in a vendor’s desktop security suite than a proxy server. An
Intrusion Prevention System (IPS) can be used to actively monitor, analyze, and block malicious traffic before it
infects devices. HIPS software can be installed on a host computer to protect that computer against malicious
traffic. By contrast, a Networkbased IPS (NIPS) is an independent operating platform, often a standalone
appliance or a hardware module installed in a chassis. A NIPS device can be installed inline on a network to
monitor and prevent malicious traffic from being sent to other devices on the network. One advantage of using
a NIPS over a HIPS is that a NIPS can detect lowlevel network events, such as the scanning of random hosts
on the network? a HIPS can only detect scans for which it is the target. A HIPS and a NIPS can be used
together to provide an additional layer of protection.
A personal firewall is more likely to be included in a vendor’s desktop security suite than a proxy server. A
personal firewall can work in conjunction with other software, such as a HIPS or a NIPS, to protect a host from
a wider array of malicious activities. For example, Cisco Advanced Malware Protection (AMP) for Endpoints can
work in conjunction with a personal firewall to provide threat protection and advanced analytics.
Antivirus software is more likely to be included in a vendor’s desktop security suite than a proxy server.
Antivirus software monitors the file system and memory space on a host for malicious code. Although the
antivirus software might protect the host from malicious file execution, it would be unable to protect the host
from malicious traffic. Some antivirus vendors offer integrated security suites, which feature personal firewall,
HIPS, antivirus, and antimalware components.Cisco: Cisco Advanced Malware Protection for Endpoints Data Sheet