Matt, an IT administrator, wants to protect a newly built server from zero day attacks. Which of the
following would provide the BEST level of protection?
A.
HIPS
B.
Antivirus
C.
NIDS
D.
ACL
Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions
This is ONE TIME OFFER
50%
*B-Antivirus – No need to say, an antivirus is a (of software) designed to detect and destroy computer viruses. Developers rely on prior knowledge of an attack on threat in order to be able to develop a proper fix which is then released as the next virus “definition”. An antivirus is not the best protection against a zero day attack as a result, since by definition there is no prior knowledge ( as yet) of an attack on threat hence it is not the BEST protection against a Zero Day attack.
*C.NIDS – Short for network intrusion detection system, NIDS is a system that attempts to detect hacking activities, denial of service attacks or port scans on a computer network or a computer itself. The NIDS monitors network traffic and helps to detect these malicious activities by identifying suspicious patterns in the incoming packets. NIDS therefore works only at NETWORK level, hence it is not the BEST protection against a Zero Day attack.
D.ACL – Access Control Lists. An access control list (ACL) is a list of access control entries (ACE). Each ACE in an ACL identifies a trustee and specifies the access rights allowed, denied, or audited for that trustee. The security descriptor for a securable object can contain two types of ACLs: a DACL and a SACL. threat hence it is not the BEST protection against a Zero Day attack.
The correct answer is A.HIPS
A host-based intrusion prevention system (HIPS) is a system or a program employed to protect critical computer systems containing crucial data against viruses and other Internet malware. Starting from the NETWORK LAYER all the way up to the APPLICATION LAYER, HIPS protects from KNOWN AND UNKNOWN MALICIOUS ATTACKS. HIPS regularly checks the characteristics of a single host and the various events that occur within the host for suspicious activities.
HIPS can be implemented on various types of machines, including servers, workstations, and computers.
0
0