When an IPS detects an attack, which action can the IPS take to prevent the attack from spreading?

When an IPS detects an attack, which action can the IPS take to prevent the attack from spreading?This action prevents the attacker from communicating with the victim on any port. However, the attacker could communicate with other hosts, making this action better suited for exploits that target a specific host. This event action is appropriate when the likelihood of a false alarm or spoofing is minimal.Reference: http://www.cisco.com/c/en/us/about/security-center/ips-mitigation.html

Question:

When an IPS detects an attack, which action can the IPS take to prevent the attack from spreading?

Options:

Deny the connection inline.

Perform a Layer 6 reset.

Deploy an antimalware system.

Enable bypass mode.

Correct Answer

The Correct Answer for this Question is

Deny the connection inline.

Leave a Comment