Which three statements about host-based IPS are true?

Which three statements about host-based IPS are true? (Choose three.)

Which three statements about host-based IPS are true? (Choose three.)

A.
It can view encrypted files.

B.
It can have more restrictive policies than network-based IPS.

C.
It can generate alerts based on behavior at the desktop level.

D.
It can be deployed at the perimeter.

E.
It uses signature-based policies.

F.
It works with deployed firewalls.

Explanation:
BD
If the network traffic stream is encrypted, HIPS has access to the traffic in unencrypted form.
HIPS can combine the best features of antivirus, behavioral analysis, signature filters, network firewalls, and
application firewalls in one package.
Host-based IPS operates by detecting attacks that occur on a host on which it is installed. HIPS works by
intercepting operating system and application calls, securing the operating system and application
configurations, validating incoming service requests, and analyzing local log files for after-the-fact suspicious
activity.
Source: http://www.ciscopress.com/articles/article.asp?p=1336425&seqNum=3



Leave a Reply 0

Your email address will not be published. Required fields are marked *