Mike, a network administrator, has been asked to passively monitor network traffic to the
company’s sales websites. Which of the following would be BEST suited for this task?
A.
HIDS
B.
Firewall
C.
NIPS
D.
Spam filter
Explanation:
Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious
traffic by analyzing protocol activity.
NIPS is not passive it can be installed passive mode
0
0
I agree IPS is actively working to protect, while IDS is is passively monitoring. I assumed as Ronnie stated that you can set NIPS to passive as an option but was not 100% on that. Either way NIPS is network based while HIDS is host based.
0
0
Can’t you put a IDS on the Web Server?
0
0
You could, one of the things I hate about the wording on the test questions is that it is inconsistent with when it expects you to assume certain things. I was expecting NIPR to not be the answer here since they explicitly said passive monitoring, which is what an IDS would be for. You could as you said, use a HIDS just on the web servers to accomplish this task with minimal disruption to other network functions.
0
0
There is a sim on the actual exam where an attacker uses a tablet to hack a gaming site. Can anyone help with that?
0
0
This is incorrect. HIDS is passive, NIPS will prevent the traffic automatically which makes it not passive. HIDS will monitor it and you will have the ability to approve or disapprove.
0
0
pas·sive·ly
ˈpasivlē/Submit
adverb
1.
in an accepting manner, without active response or resistance.
NIDS should be the answer.
1
0