Certified Information Security Manager (CISM) — Question 701

Which of the following is the GREATEST benefit of using a network-based intrusion prevention system (IPS)?

Answer options

• A. The ability to review and monitor data streams by network segment
• B. The ability to shut down or block suspicious connections
• C. Increased visibility into user web surfing
• D. Centralized controls for incident handling

Correct answer: B

Explanation

The correct answer, B, highlights the IPS's primary function of actively blocking or terminating potentially harmful connections, which is crucial for preventing attacks. Options A and C focus on monitoring and visibility, which, while important, do not provide the immediate protective action that an IPS does. Option D relates to management aspects but lacks the direct impact on security that blocking threats provides.