Refer to the network topology below.
You have IPS Software Blades active on the Security Gateways sglondon, sgla, and sgny, but still
experience attacks on the Web server in the New York DMZ. How is this possible?
A.
All of these options are possible.
B.
The attacker may have used a bunch of evasion techniques like using escape sequences instead of
cleartext commands. It is also possible that there are entry points not shown in the network layout,
like rogue access points.
C.
Since other Gateways do not have IPS activated, attacks may originate from their networks
without anyone noticing.
D.
An IPS may combine different detection technologies, but is dependent on regular signature
updates and well-tuned anomaly algorithms. Even if this is accomplished, no technology can offer
100% protection.