A host-based intrusion prevention system (HIPS) is an application usually employed on a single

computer. It complements traditional finger-

print-based and heuristic antivirus detection methods, since it does not need continuous updates to

stay ahead of new malware. When a

malicious code needs to modify the system or other software residing on the machine, a HIPS system

will notice some of the resulting changes

and prevent the action by default or notify the user for permission. It can handle encrypted and

unencrypted traffic equally and cannot detect

events scattered over the network.

Answer B is incorrect. Network address translation (NAT) is a technique that allows multiple

computers to share one or more IP

addresses. NAT is configured at the server between a private network and the Internet. It allows the

computers in a private network to share

a global, ISP assigned address. NAT modifies the headers of packets traversing the server. For packets

outbound to the Internet, it translates

the source addresses from private to public, whereas for packets inbound from the Internet, it

translates the destination addresses from

public to private.

Answer A is incorrect. Network intrusion prevention system (NIPS) is a hardware/software platform

that is designed to analyze, detect,

and report on security related events. NIPS is designed to inspect traffic and based on its

configuration or security policy, it can drop malicious

traffic. NIPS is able to detect events scattered over the network and can react.