Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales
websites. Which of the following would be BEST suited for this task?
A network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by
analyzing protocol activity.
A: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It’s reliable for detecting
attacks directed against a host, whether they originate from an external source or are being perpetrated by a
user locally logged in to the host.
B: Firewalls provide protection by controlling traffic entering and leaving a network.
D: A spam filter is a software or hardware tool whose primary purpose is to identify and block/filter/remove
unwanted messages (that is, spam). Spam is most commonly associated with email, but spam also exists in
instant messaging (IM), short message service (SMS), Usenet, and web discussions/forums/comments/blogs.
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 47