1. True or False? A HIPS can be configured in either promiscuous or inline mode.
- True
- False
Explanation: False. A host-based IPS is installed on a host computer. Only network-based IPS can be run in promiscuous or inline mode.
2. What is true of a NIPS that is running in inline mode?
- It can not stop malicious traffic from reaching its destination.
- NIPS post-event responses require assistance from other networking devices.
- It can add latency to the network.
- It requires SPAN to perform traffic mirroring in order to operate.
Explanation: An inline NIPS can add latency to the network because traffic must be processed before being forwarded to its destination
3. What is true of a HIPS?
- HIPS software combines anti-virus, anti-malware, and firewall functionality.
- HIPS software makes a network-based IPS unnecessary.
- HIPS software is aware of conditions throughout the network.
- HIPS can not prevent hosts from participating in DDoS attacks.
Explanation: HIPS software combines anti-virus, anti-malware, and firewall functionality.
4. What is an example of a HIPS?
- a Cisco Firepower appliance
- Windows Defender
- a router with IPS software
- an ASA firewall device
Explanation: Windows Defender is an example of a HIPS that is included with Microsoft Windows.