The Intrusion Prevention Module (IPS) performs deep packet inspection, examining both the headers and payload of network packets to detect and block exploits, malware, and other threats. It is not limited to header analysis and is not responsible for file integrity or application control.
From the official documentation:
"The Intrusion Prevention module inspects the payload and headers of network traffic to detect and block exploits and attacks. It uses deep packet inspection techniques to identify malicious content and suspicious patterns in network data."
Option B is correct.
Option A is only partially true (IPS looks at more than just headers).
Option C is handled by Integrity Monitoring, not IPS.
Option D is handled by Application Control, not IPS.
[References:, , Trend Micro Deep Security 20 LTS Administrator’s Guide — Intrusion Prevention, , Trend Micro Deep Security Help: Intrusion Prevention Overview]
Submit