What are two challenges faced when deploying host-level IPS? (Choose Two)

What are two challenges faced when deploying host-level IPS? (Choose Two)
A . The deployment must support multiple operating systems.
B . It does not provide protection for offsite computers.
C . It is unable to provide a complete network picture of an attack.
D . It is unable to determine the outcome of every attack that it detects.
E . It is unable to detect fragmentation attacks.

Answer: AB

Explanation:

Advantages of HIPS: The success or failure of an attack can be readily determined. A network IPS sends an alarm upon the presence of intrusive activity but cannot always ascertain the success or failure of such an attack. HIPS does not have to worry about fragmentation attacks or variable Time to Live (TTL) attacks

because the host stack takes care of these issues. If the network traffic stream is encrypted, HIPS has access to the traffic in unencrypted form.

Limitations of HIPS: There are two major drawbacks to HIPS:

+ HIPS does not provide a complete network picture: Because HIPS examines information only at the local host level, HIPS has difficulty constructing an accurate network picture or coordinating the events happening across the entire network.

+ HIPS has a requirement to support multiple operating systems: HIPS needs to run on every system in the network. This requires verifying support for all the different operating systems used in your network.

Source: http://www.ciscopress.com/articles/article.asp?p=1336425&seqNum=3

Latest 210-260 Dumps Valid Version with 498 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments