Which security system scans network traffic for malicious activity and can stop it?

Study for the CompTIA SecurityX Test. Equip yourself with comprehensive flashcards and multiple choice questions that include hints and explanations. Gear up for your certification exam!

Multiple Choice

Which security system scans network traffic for malicious activity and can stop it?

Explanation:
The idea here is real-time defense that sits in the traffic path and both detects and blocks threats. An Intrusion Prevention System is placed inline on the network so it can inspect packets as they travel by. It looks for known attack signatures and unusual behavior, and when it finds something malicious it can take immediate action—dropping the offending packets, resetting connections, or blocking traffic from the source. That active blocking is what makes it different from detection-only systems: it doesn’t just alert; it stops the attack in real time.

WIDS focuses on wireless traffic, not general network traffic. NAC enforces device posture and access control, which helps keep untrusted devices out or limited, but it doesn’t continuously scan and block malicious activity in the flow of traffic. SSH is simply a secure remote access protocol, not a system for monitoring or blocking traffic.
