Mike, a network administrator, has been asked to passively monitor network traffic to the companys sales websites. Which of the following would be BEST suited for this task?
A.
HIDS
B.
Firewall
C.
NIPS
D.
Spam filter
Which of the following would be BEST suited for this task?
Mike, a network administrator, has been asked to passively monitor network traffic to the companys sales websites. Which of the following would be BEST suited for this task?
How can NIPS be the “passive” way to monitor? Isn’t NIPS considered “active” since it will react to an intrusion and stop malicious activity? The other answers wouldn’t be correct because:
HIDS – For single host machine, not a network.
Firewall – Is active as it allows or rejects requests from untrusted machines
Spam Filter – doesn’t monitor network traffic, only email
I guess then that NIPS would be the “best” answer, but I do not consider it “passive” since it actually takes action, where NIDS only monitors then alerts without trying to stop any malicious activity.
Anyone else have thoughts?