Each server on a subnet is configured to only allow SSH access from the administrator’s workstation.
Which of the following BEST describes this implementation?

A.
Host-based firewalls

B.
Network firewalls

C.
Network proxy

D.
Host intrusion prevention

Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the
activities of the user as well as from communication from the network or Internet. These firewalls
manage network traffic using filters to block certain ports and protocols while allowing others to pass
through the system.
Incorrect Answers:
B: A network firewall protects the entire network from an untrusted public network, such as the Internet
by filtering network traffic. It does not filter network traffic on the internal network.
C: A network proxy is used to protect the local network from external attacks by hiding the IP
configuration of the internal clients. It does not filter network traffic.
D: A host-based IPS (HIPS) is an intrusion detection and prevention system that runs as a service on a host
computer system. It is used to monitor the machine logs, system events, and application activity for signs
of intrusion.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 111-112, 116-117
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 11, 13-16