Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the
following should Pete implement to BEST achieve this goal?
A.
A host-based intrusion prevention system
B.
A host-based firewall
C.
Antivirus update system
D.
A network-based intrusion detection system
Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the
network or Internet.
Incorrect Answers:
A: A host-based IPS (HIPS) is an intrusion detection and prevention system that runs as a service on a host computer system. It is used to monitor the machine
logs, system events, and application activity for signs of intrusion. A HIPS is not used to block ports.
C: Antivirus software is used to protect systems against viruses, which are a form of malicious code designed to spread from one system to another, consuming
network resources.
D: A network-based IDS (NIDS) is an intrusion detection system that scans network traffic in real time and is useful for detecting network-based attacks originating
from outside the organization. However, a NIDS is not used to block ports.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 111-112, 116-117, 161-162
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 13- 16, 246