Which of the following is a network security device that monitors network activities for malicious or unwanted behavior?

A.
IDS

B.
IPS

C.
WEP

D.
ASA

Explanation:
Intrusion Prevention System (IPS) are tools to prevent sophisticated kinds of attacks on the network. IPStools detect such attack by keeping eye on trends, looking for attacks that use particular patterns of messages, and other factors. IPS tools sit in the packet’s forwarding path and then rate and report each potential threat by analyzing the traffic. The IPS tools have the ability to react and filter the traffic.

Answer A is incorrect. Intrusion detection (ID) is a type of security management system for computers and networks. An ID system gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization). ID uses vulnerability assessment (sometimes referred to as scanning), which is a technology developed to assess the security of a computer system or network. Intrusion detection functions include the following. Monitoring and analyzing both user and system activities Analyzing system configurations and vulnerabilities Assessing system and file integrity Ability to recognize patterns typical of attacks Analysis of abnormal activity patterns Tracking user policy violations

Answer D is incorrect. Adaptive Security Appliance (ASA) is a new generation of network security hardware of Cisco. ASA hardware acts as a firewall, in other security roles, and in a combination of roles. The Cisco ASA includes the following components. Anti-x. Anti-x includes whole class of security tools such as Anti-virus, Anti-spyware, Anti-spam, etc. Intrusion Detection and Prevention. Intrusion Detection and Prevention includes tools such as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) for sophisticated kinds of attacks. Note. Earlier Cisco sold firewalls with the proprietary name PIX firewall. ASA is the new edition of security solutions by Cisco.

Answer C is incorrect. Wired Equivalent Privacy (WEP) is a deprecated algorithm to secure IEEE 802.11 wireless networks. Wireless networks broadcast messages using radio and are thus more susceptible to eavesdropping than wired networks. WEP was intended to provide confidentiality comparable to that of a traditional wired network.