PrepAway - Latest Free Exam Questions & Answers

Which of the following is designed to stop an intrusion on a specific server?

Jane, a security administrator, has observed repeated attempts to break into a server. Which of
the following is designed to stop an intrusion on a specific server?

A. HIPS

B. NIDS

C. HIDS

D. NIPS

Explanation:

One Comment on “Which of the following is designed to stop an intrusion on a specific server?”

  1. meac says:

    In IDS we have two flavours: Detection and Prevention.
    • Detection systems “detect”
    • Prevention Systems “prevent”

    We also can deal with the NETWORK or with a HOST.
    In this question, we are after an IDS which will PREVENT an attack in a HOST

    So in order to stop an intrusion, we need to use a Prevention system by default, and not a detection system. On top of that, prevention must be at host level and not network level.

    The answers are then divided into the above two categories: Detection and Prevention, as well as Network and Host.

    We can therefore eliminate all the DETECTION options from the equation
    B. NIDS – Network intrusion detection system
    C. HIDS – A host-based intrusion detection system (HIDS) is an intrusion detection system that is capable of monitoring and analyzing the internals of a computing system as well as the network packets on its network interfaces
    In addition to that, B is a NETWORK tool and we are after a HOST tool.

    So this leaves us with two PREVENTION options:

    A. HIPS – Host Intrusion Prevention System. By definition HIPS is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.

    D. NIPS – A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity.

    A is a Host prevention system and D is a Network prevention system

    So by a simple process of elimination, what we are after is: A. HIPS

    HIPS (Host Intrusion Prevention System).
    By definition HIPS is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.
    In other words a Host Intrusion Prevention System (HIPS) aims to stop malware by monitoring the behavior of code.
    This question is asking which of the following is designed to stop an intrusion on a specific server.
    To stop an intrusion on a specific server, you would use a HIPS (Host Intrusion Prevention System).
    The difference between a HIPS and other intrusion prevention systems is that a HIPS is a software intrusion prevention system that is installed on a ‘SPECIFIC SERVER’.
    Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity.
    The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.
    A HIPS (Host Intrusion Prevention System) is software installed on a host which monitors the host for suspicious activity by analyzing events occurring within that host with the aim of detecting and preventing intrusion.



