What is the main difference between IDS and IPS?

2 Answers

The descriptions really provide the main clue. IDS (Detection) will monitor traffic and provide alerts, but won’t take automatic action against threats, instead relying on administrators to evaluate the threat and take action, whereas IPS (Prevention) will make attempts to mitigate threats in real time. IDS is not ‘inline’ while IPS is ‘inline’, and one of the challenges with IPS is making sure false positives are not adversely impacting your customers.

Here’s a decent blog that provides a nice overview of this: IDS vs. IPS: What’s the Difference?
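An added sketch of the distinction in the answer above (not part of the original post): the same signature runs on a passive sensor and on an inline one, over sample traffic that includes one false positive. The `Sensor` class, the signature and the requests are all constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Constructed signature: flags a SQL keyword pair anywhere in a request.
SIGNATURE = re.compile(r"(?i)\bunion\s+select\b")

# Constructed traffic: (request, is_actually_malicious)
TRAFFIC = [
    ("GET /products?id=7", False),
    ("GET /products?id=7 UNION SELECT user,pass FROM users", True),
    # Benign forum post that happens to match the signature (false positive).
    ("POST /forum body=How do I write a UNION SELECT query?", False),
]

@dataclass
class Sensor:
    inline: bool                       # True = IPS (in the path), False = IDS (sees a copy)
    alerts: list = field(default_factory=list)

    def handle(self, request: str) -> bool:
        """Return True if the request still reaches the server."""
        if SIGNATURE.search(request):
            self.alerts.append(request)    # both modes raise an alert
            if self.inline:
                return False               # IPS: dropped in real time
        return True                        # IDS: delivered; an administrator reviews the alert

def run(inline: bool) -> dict:
    sensor = Sensor(inline)
    delivered = [req for req, _ in TRAFFIC if sensor.handle(req)]
    return {
        "alerts": len(sensor.alerts),
        "delivered": len(delivered),
        # Legitimate requests that never arrived: the customer-facing cost of a false positive.
        "blocked_legit": [r for r, bad in TRAFFIC if not bad and r not in delivered],
        # Malicious requests that arrived: the cost of waiting for a human to act.
        "malicious_delivered": [r for r, bad in TRAFFIC if bad and r in delivered],
    }

if __name__ == "__main__":
    for name, inline in (("IDS", False), ("IPS", True)):
        print(name, run(inline))
```

Both modes raise the same two alerts; the difference is that the passive sensor lets the malicious request through while the inline one also drops the legitimate forum post.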

Agree. The question asks what is the "difference", not which statement is "most true" of either an IDS or IPS. It’s odd that we’re being tested on grammatical analysis that doesn’t seem to make sense.


Echo the same… the question is about the difference, not about the correct statement, and trying to confuse people with awkward writing does not help the learning. I am not sure if the real exam has similar questions…

