Which statement concerning a network intrusion detection system (NIDS) is correct?
a. A NIDS knows such information as the applications that are running as well as the underlying operating systems so that it can provide a higher degree of accuracy regarding potential attacks.
b. Compared to a network intrusion prevention system (NIPS), a NIDS can more quickly take action to block and attack.
c. A NIDS attempts prevent malicious attacks by stopping the attack.
d. A NIDS has sensors that monitor the traffic entering and leaving a firewall, and reports back to the central device for analysis.
Answer: D
A network intrusion prevention system (NIPS) is similar to a NIDS in that it monitors network traffic to immediately react to block a malicious attack. One of the major differences between a NIDS and a NIPS is its location. A NIDS has sensors that monitor the traffic entering and leaving a firewall, and reports back to the central device for analysis. A NIPS, on the other hand, would be located "in line" on the firewall itself. This can allow the NIPS to more quickly take action to block an attack.