Which type of technology runs on workstations or network devices to monitor and track network
activity, and can be configured to raise an alarm when security breaches occur?
A.
IP Security (IPSec) protocol
B.
Packet filtering firewall
C.
Intrusion Detection Systems (IDSs)
D.
Circuit-level firewall
Explanation:
An Intrusion Detection Systems (IDSs) can run on network devices and on individual workstations.
You can configure the IDS to monitor for suspicious network activity, check systems logs, perform
stateful packet matching, and disconnect sessions that are violating your security policy.
Incorrect Answers:
A: IPSec provides data authentication and encryption services for securing VPNs. InTransport
mode, only the payload is encrypted. In Tunneling mode, both the payload and message headers
are encrypted.
B: Packet filtering firewalls allow or blocks traffic based on the type of application. This type of
firewall decides whether to pass traffic based on the packet’s addressing information and can be
based on IP addresses or ports.
D: Circuit-level firewalls watch TCP and UDP ports and can be used to configure security devices
with the rate of responses to requests to process, and to block any impending communications
from suspicious hosts.References:Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd
Edition, Sybex, Alameda, 2004, p. 104 – 114.Todd Bill The Security+ Training Guide, QUE
Publishing, Indianapolis, 2003, Chapter 3