As a critical part of the design for the Enterprise Campus network, which of the following two are true concerning intrusion detection and prevention solution? (Choose two)

As a critical part of the design for the Enterprise Campus network, which of the following two are true concerning intrusion detection and prevention solution? (Choose two)

As a critical part of the design for the Enterprise Campus network, which of the following two are true concerning intrusion detection and prevention solution? (Choose two)

A.
IDS is capable of both inline and promiscuous monitoring, while IPS is only capable of promiscuous monitoring

B.
IDS will stop malicious traffic from reaching its intended target for certain types of attacks.

C.
IPS processes information on Layers 3 and 4 as well as analyzing the contents and payload of the packets for more sophisticated embedded attacks (Layers 3 to 7)

D.
IPS inspects traffic statefully and needs to see both sides of the connection to function properly

E.
IDS placement at the perimeter of Data Center outside the firewall generates many warnings that have relatively low value because no action is likely to be taken on this information

Explanation:

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

saeed

saeed

correct answer should be C &E

Reply

Saeed

Saeed

sorry corrcet naswer is C, D

Traditional packet flows in a network are symmetrical and consist of connections that take the same path
through the network in both directions. Many newer network designs do not guarantee symmetrical flows and
engineer the network to take advantage of all available links. This greatly increases the chance that traffic may
use multiple paths to and from its destination.
This asymmetric traffic flow can cause problems with inline IPS devices. Because an IPS sensor inspects traffic
statefully and needs to see both sides of the connection to function properly, asymmetric traffic flows may
cause valid traffic to be dropped.

Reply