Free CompTIA Security+ SY0-701 Practice Question

An Intrusion Detection System (IDS) operates passively by monitoring network traffic and alerting administrators to suspicious activities without interfering with the traffic flow or introducing latency. It does not become a point of failure because it does not sit inline with the network traffic. In contrast, an Intrusion Prevention System (IPS) actively analyzes and can block or modify traffic to prevent threats, potentially introducing latency and becoming a point of failure. A firewall filters network traffic and can affect performance or interfere with legitimate traffic. A Content Filter inspects and potentially blocks specific content, which can also interfere with traffic and introduce latency.