Which one of the following statements best describes the primary IPS mechanism used in rule-based detection to help stop attackers from compromising systems?
A . The geo-location database can be installed to filter specific countries, based on reputation scores.
B . IPS rule-sets evaluate various network activities over a long period, allowing rule-based detection configuration to automatically update its rule-set.
C . Rule-based detection, using updated IPS signature files, can be leveraged to stop attackers from malicious activity.
D . Complex ACLs can be applied to the WAN-facing interfaces, allowing rule-based detection to inspect traffic as it enters the sensor.
E . By deploying NAT on WAN-facing interfaces and working with rule-based detection methods, malicious activity can be inspected and blocked before it is sent to internal network resources.
Answer: C
Leave a Reply