What feature is common to an Intrusion Prevention System (IPS)?

An Intrusion Prevention System (IPS) is designed to protect networks by actively monitoring and analyzing traffic. One of its key features is that it compares incoming and outgoing traffic against a signature database. This signature database contains known patterns of malicious activity, allowing the IPS to identify and potentially block threats in real-time based on these predefined signatures. By utilizing signature-based detection, an IPS can provide timely and effective defense against recognized security threats.

The other options do not accurately describe the fundamental capabilities of an IPS. An IPS does not only analyze traffic retrospectively; instead, it analyzes traffic in real-time to provide immediate response. It also operates at multiple layers of the OSI model, rather than solely at the application layer, which means it can examine headers and payloads at various network levels. Lastly, an IPS is designed to automatically block or prevent threats without requiring manual intervention, which enhances its effectiveness and responsiveness to attacks.