Which statement is a benefit of using Cisco IOS IPS?
A. It uses the underlying routing infrastructure to provide an additional layer of security.
B. It works in passive mode so as not to impact traffic flow.
C. It supports the complete signature database as a Cisco IPS sensor appliance.
D. The signature database is tied closely with the Cisco IOS image.
Explanation/Reference:
Explanation:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet 0900aecd803137cf.html
Get Latest & Actual 640-554 Exam’s Question and Answers from Passleader.
http://www.passleader.com
Product Overview
In today’s business environment, network intruders and attackers can come from outside or inside the network.
They can launch distributed denial-of-service attacks, they can attack Internet connections, and they can exploit network and host vulnerabilities. At the same time, Internet worms and viruses can spread across the world in a matter of minutes. There is often no time to wait for human intervention-the network itself must possess the intelligence to recognize and mitigate these attacks, threats, exploits, worms and viruses.
Cisco IOS Intrusion Prevention System (IPS) is an inline, deep-packet inspection-based solution that enables Cisco IOS Software to effectively mitigate a wide range of network attacks. While it is common practice to defend against attacks by inspecting traffic at data centers and corporate headquarters, distributing the network level defense to stop malicious traffic close to its entry point at branch or telecommuter offices is also critical.
Cisco IOS IPS: Major Use Cases and Key Benefits
IOS IPS helps to protect your network in 5 ways:
Key Benefits
Provides network-wide, distributed protection from many attacks, exploits, worms and viruses exploiting vulnerabilities in operating systems and applications Eliminates the need for a standalone IPS device at branch and telecommuter offices as well as small and medium-sized business networks Unique, risk rating based signature event action processor dramatically improves the ease of management of IPS policies
Offers field-customizable worm and attack signature set and event actions Offers inline inspection of traffic passing through any combination of router LAN and WAN interfaces in both directions
Works with Cisco IOS Firewall, control-plane policing, and other Cisco IOS Software security features to protect the router and networks behind the router Supports more than 3700 signatures from the same signature database available for Cisco Intrusion Prevention System (IPS) appliances