The Intrusion Prevention (IPS) module performs stateful traffic analysis to detect and block exploit attempts and malicious activity in network traffic, tracking the state of network connections and analyzing packet sequences to identify threats.
From the official documentation:
"The Intrusion Prevention module analyzes network traffic using deep packet inspection and stateful traffic analysis to block known and unknown threats, including vulnerability exploits."
Option D is correct.
Option A is handled by Integrity Monitoring.
Option B (port scanning) is a network reconnaissance activity and may be detected but is not a core operation of IPS.
Option C (application traffic control) is typically managed by Firewall, not IPS.
[References:, , Trend Micro Deep Security 20 LTS Administrator’s Guide: Intrusion Prevention Module, , Trend Micro Deep Security Online Help: How IPS Works, ]
Submit