Which system actively monitors network traffic for malicious activity and attempts to prevent attacks?

The correct choice is the Intrusion Prevention System (IPS) because it is designed specifically to actively monitor network traffic and respond to potential threats in real-time. An IPS analyzes incoming and outgoing traffic and utilizes detection policies to identify malicious activity. Upon detection of an attack or breach, the system can take immediate actions, such as blocking traffic, alerting system administrators, or even reconfiguring firewall rules to mitigate the threat.

This capability to not only detect but also actively prevent attacks differentiates an IPS from other types of security systems. For instance, while a firewall controls incoming and outgoing traffic based on predetermined security rules, it does not have the proactive threat detection capabilities of an IPS. An Intrusion Detection System (IDS) focuses on monitoring and logging suspicious activities but does not take direct action to prevent intrusions. Similarly, a proxy server acts as an intermediary for requests from clients seeking resources from other servers but is not tailored for directly monitoring or responding to malicious network traffic. Therefore, the function of preventing attacks is notably characteristic of an IPS.