Last Updated on August 1, 2021 by Admin 2
Which of the following is used to prevent malicious software systems?
- network AV
- host AV
To protect multiple devices from malware, network antivirus (AV) should be used. These tools can protect an entire network of devices.
A host antivirus (AV) can only protect the device on which it is installed.
A host intrusion prevention system (HIPS) can prevent multiple attack types, but it can only protect the device on which it is installed.
A host intrusion detection system (HIPS) can detect multiple attack types, but it can only detect attacks against the device on which it is installed.
Intrusion prevention systems (IPS) and intrusion detection systems (IDS) work together to complement each other. IPS systems can block activities on certain Web sites. Users may be allowed to access the sites but may be prevented from accessing certain features within the site. In other cases, the entire site may be blocked, depending on the security requirements for the organization.
Objective: Security Concepts
Sub-Objective: Compare and contrast these terms: Network and host antivirus, Agentless and agent-based protections, SIEM and log collection