Which of the following should be deployed to prevent the transmission of malicious traffic between
virtual machines hosted on a singular physical device on a network?
A.
HIPS on each virtual machine
B.
NIPS on the network
C.
NIDS on the network
D.
HIDS on each virtual machine
Explanation:
Host-based intrusion prevention system (HIPS) is an installed software package which monitors a single
host for suspicious activity by analyzing events occurring within that host.
Incorrect Answers:
B: Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by
analyzing protocol activity.
C: A network-based IDS (NIDS) watches network traffic in real time. It’s reliable for detecting networkfocused attacks, such as bandwidth-based DoS attacks.
D: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It’s reliable for detecting
attacks directed against a host, whether they originate from an external source or are being perpetrated
by a user locally logged in to the host.http://en.wikipedia.org/wiki/Intrusion_prevention_system
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 21