Mike, a network administrator, has been asked to passively monitor network traffic to the company’s
sales websites. Which of the following would be BEST suited for this task?
A. HIDS
B. Firewall
C. NIPS
D. Spam filter
Explanation:
A network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by
analyzing protocol activity.
Incorrect Answers:
A: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It’s reliable for detecting
attacks directed against a host, whether they originate from an external source or are being perpetrated
by a user locally logged in to the host.
B: Firewalls provide protection by controlling traffic entering and leaving a network.
D: A spam filter is a software or hardware tool whose primary purpose is to identify and
block/filter/remove unwanted messages (that is, spam). Spam is most commonly associated with email,
but spam also exists in instant messaging (IM), short message service (SMS), Usenet, and web
discussions/forums/comments/blogs.
http://en.wikipedia.org/wiki/Intrusion_prevention_system
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 47