Which of the following should be deployed to prevent the transmission of malicious traffic between virtual
machines hosted on a singular physical device on a network?
A. HIPS on each virtual machine
B. NIPS on the network
C. NIDS on the network
D. HIDS on each virtual machine
A: A host-based intrusion prevention system (HIPS) is an installed software package that monitors a single host
for suspicious activity by analyzing events occurring within that host.
B: Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by
analyzing protocol activity.
C: A network-based IDS (NIDS) watches network traffic in real time. It’s reliable for detecting network-focused
attacks, such as bandwidth-based DoS attacks.
D: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It’s reliable for detecting
attacks directed against a host, whether they originate from an external source or are being perpetrated by a
user locally logged in to the host.
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 21