A network administrator is deploying an inline intrusion prevention system (IPS). Security policy dictates that if the IPS software crashes or the appliance loses power, no traffic may bypass inspection. Which of the following failure modes should the administrator configure on the IPS to satisfy this requirement?
Fail-closed (sometimes called fail-secure) means that when a security control becomes unavailable, it blocks or denies traffic instead of allowing it to pass unchecked. Configuring the IPS to fail-closed therefore prevents uninspected packets from traversing the network during an outage. Fail-open does the opposite-it allows all traffic for the sake of availability. Fail-safe focuses on protecting other components, often by bypassing the device rather than dropping traffic, and failover relies on redundant equipment rather than a traffic-blocking posture.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'fail-closed' mean in a security context?
Open an interactive chat with Bash
What are the implications of using fail-closed versus fail-open?