Comptia Security Plus Mock Test Q11

Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?

A. HIDS
B. Firewall
C. NIPS
D. Spam filter

Correct Answer: C
Section: Network Security

Explanation:
Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity.

Incorrect Answers:
A: A host-based IDS (HIDS) watches the audit trails and log fi les of a host system. It’s reliable for detecting attacks directed against a host, whether they originate from an external source or are being perpetrated by a user locally logged in to the host.

B: Firewalls provide protection by controlling traffic entering and leaving a network.

D: A spam filter is a software or hardware tool whose primary purpose is to identify and block/filter/remove unwanted messages (that is, spam). Spam is most commonly associated with email, but spam also exists in instant messaging (IM), short message service (SMS), Usenet, and web discussions/forums/comments/blogs.

References:
http://en.wikipedia.org/wiki/Intrusion_prevention_system
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 47