Comptia Security Plus Mock Test Q13

Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?

A. NIPS
B. HIDS
C. HIPS
D. NIDS

Correct Answer: A
Section: Network Security

Explanation:
Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it

Incorrect Answers:
B: A host-based IDS (HIDS) watches the audit trails and log files of a host system. It’s reliable for detecting attacks directed against a host, whether they originate from an external
source or are being perpetrated by a user locally logged in to the host.

C: Host-based intrusion prevention system (HIPS) is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.

D: A network-based IDS (NIDS) watches network traffic in real time. It’s reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.

References:
http://en.wikipedia.org/wiki/Intrusion_prevention_system
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 21