(ISC)2 Certified in Cybersecurity Practice Exam

Which of the following describes a system that actively prevents attacks by blocking malicious traffic?

• A. IDS
• B. Encryption
• C. IPS
• D. Firewall

The correct answer is: IPS

The choice of an Intrusion Prevention System (IPS) is correct because this type of system is specifically designed to actively monitor network traffic for malicious activities and take action to prevent those threats in real-time. An IPS not only detects potential attacks but also responds to them by blocking the malicious traffic, thereby stopping threats before they can cause harm to the network or systems. In contrast, an Intrusion Detection System (IDS) is focused on identifying and reporting threats rather than preventing them. While an IDS monitors network traffic and alerts administrators to potential intrusions, it does not block the traffic on its own, which is a key distinction from an IPS. Encryption is concerned with securing data by transforming it into a format that can only be read or processed by those with the appropriate decryption key. While essential for protecting data confidentiality, it does not directly prevent attacks or block malicious traffic. A firewall serves to control incoming and outgoing network traffic based on predetermined security rules. Although firewalls can block certain types of malicious traffic, they do not typically provide the same level of deep packet inspection and active response to threats as an IPS does. Therefore, while a firewall is a critical component of network security, it is not categorized as an active prevention system in the same way that