Question 28: You are working as a head of IT security in one of the retail bank, your web applications and other databases are hosted on AWS. You have been using all the services from AWS to protect the data. You are still worried about the ......................./IPS (Intrusion Detection and Prevention System). Which of the following you can use for that?

1. You will be using Network ACL and all the CloudTrail logs to get network events.
2. You will be using KMS solution to encrypt all the traffic on your network and monitor any suspicious activity using CloudWatch.
3. Correct Answer..... Deep Security.
4. You will be using third party IAM solution like OneLogin.

Ans: C

Detailed Explanation: If you read question, it requires solution for IDS/IPS Intrusion Detection. Intrusion Detection is required to analyze the network traffic and each data packet needs to be analyzed.

If you check option

Option-1: Network ACL is good for avoiding unwanted traffic, but it cannot analyze the data packets and reports any vulnerability. Hence, it can not correct answer.

Option-2: KMS is AWS managed solution ..........

Option-3: .........................

IDS/DPS Infrastructure security: Sometimes you may need third party solution as well to protect your infrastructure and one of them is below.

1. IDS/IPS : Intrusion detection and prevention system

1. IDS/IPS prevent network attacks and breaches of their IT env.
2. Intrusion Detection monitor inbound and outbound network traffic to discover unusual activity which can be used an attempt to gain access to an IT env.
3. A very co................