An IDS is typically positioned out of band to passively monitor network traffic. It analyzes traffic copies and sends alerts when suspicious activity is detected but does not actively block packets. An IPS, by contrast, is placed inline and can automatically take preventive actions-such as dropping or rejecting malicious packets-to stop the threat in real time. Therefore, the only statement that correctly distinguishes these roles is the option describing an IDS as passive (alert-only) and an IPS as active (blocking).
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the main function of an Intrusion Detection System (IDS)?
Open an interactive chat with Bash
How does an Intrusion Prevention System (IPS) differ from an IDS?
Open an interactive chat with Bash
What are some examples of how an IPS can mitigate threats?