New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCED Exam - Topic 8 Question 68 Discussion

Actual exam question for GIAC's GCED exam
Question #: 68
Topic #: 8
[All GCED Questions]

Throughout the week following a new IPS deployment, nearly every user on the protected subnet submits helpdesk tickets regarding network performance and not being able to access several critical resources. What is the most likely reason for the performance issues?

Show Suggested Answer Hide Answer
Suggested Answer: A

When deploying an IPS, you should carefully monitor and tune your systems and be aware of the risks involved. You should also have an in-depth understanding of your network, its traffic, and both its normal and abnormal characteristics. It is always recommended to run IPS and active response technologies in test mode for a while to thoroughly understand their behavior.

If the IPS had been previously powered off the performance issues would have impacted all network traffic, not just critical resources, and the issue would have begun on day 1 of deployment.

A hardware failure of the TAP would bring connectivity to a stop, not just impact users access to critical resources.

If the IPS and/or TAP cannot keep up with traffic, the user's issues would have been more sporadic, rather than focused on a sudden loss to critical resources.


by Charisse at Aug 16, 2025, 12:01 AM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Reynalda
2 months ago
Wait, are we sure it’s not a hardware failure? That seems possible too.
upvoted 0 times
...
Britt
2 months ago
I totally agree, that would definitely cause issues.
upvoted 0 times
...
Yuriko
2 months ago
Sounds like a classic case of the IPS sensor being switched to production mode.
upvoted 0 times
...
Jannette
3 months ago
I think the TAP buffer overflow is more likely, honestly.
upvoted 0 times
...
Desire
3 months ago
Really? I’m surprised it’s not just a simple config error.
upvoted 0 times
...
Aimee
3 months ago
If the IPS was powered off or moved out of band, that would definitely explain the access problems, but I feel like that's less common.
upvoted 0 times
...
Frank
3 months ago
I practiced a similar question where a hardware failure caused performance issues, but I don't recall if that's likely here.
upvoted 0 times
...
Kassandra
4 months ago
I think the TAP buffer overflow could be a possibility, especially if there was a lot of traffic right after deployment.
upvoted 0 times
...
Martha
4 months ago
I remember reading that changing the IPS from test to production mode can cause issues, but I'm not sure if that's the main reason here.
upvoted 0 times
...
Leonie
4 months ago
I think the answer is D - the IPS sensor was powered off or moved out of band. That would explain the widespread performance and access issues across the network.
upvoted 0 times
...
Stephen
4 months ago
I'm not sure about this one. The options all seem plausible, but I'm not sure which one is the most likely. I'll have to review the details of the question again.
upvoted 0 times
...
Colene
4 months ago
I'm pretty confident the answer is C - the IPS sensor was changed from test mode to production mode. That would definitely cause performance issues and access problems.
upvoted 0 times
...
Magdalene
5 months ago
Okay, let's see. The question mentions performance issues and users not being able to access critical resources, so it's probably related to the IPS deployment in some way.
upvoted 0 times
...
Jesusita
5 months ago
Hmm, this seems like a tricky one. I'll need to think through the different options carefully to figure out the most likely reason.
upvoted 0 times
...
Louvenia
5 months ago
I agree with Robt, option A makes the most sense based on the symptoms described.
upvoted 0 times
...
Robt
6 months ago
I'm leaning towards option A, the TAP buffer might be overflowing.
upvoted 0 times
...
Son
6 months ago
I disagree, I believe it could be option D.
upvoted 0 times
...
Arthur
6 months ago
I think the most likely reason is option C.
upvoted 0 times
...

Save Cancel