An Intrusion Prevention System (IPS) is designed to automatically block or mitigate malicious network traffic in real time. Unlike an IDS, which only detects threats, an IPS performs inline traffic inspection and takes active action—such as dropping malicious packets, blocking connections, or updating firewall rules. This matches the requirement for an automated system that responds immediately to inbound threats.
Security+ SY0-701 highlights IPS as a preventive control that uses signature-based, anomaly-based, and behavioral detection to identify threats, including exploits, malware, and command-and-control activity. An IPS is essential in defending against fast-moving attacks where human response time is too slow.
UEM (A) manages endpoints but does not block inbound network threats.
WAF (C) protects web applications, not the entire network.
VPN (D) provides secure tunnels but does not prevent malicious inbound traffic.
Thus, B: IPS is the best solution for automatic threat blocking.