Which of the following is an example of a passive security measure?

Network monitoring is considered a passive security measure because it involves observing and analyzing system activities without directly intervening in them. The objective of network monitoring is to detect activities or anomalies that could indicate security incidents, such as unauthorized access attempts or unusual traffic patterns, without altering or blocking the data flow actively.

In contrast, intrusion prevention systems actively take measures to block or mitigate threats once detected, making them proactive rather than passive. Encryption secures data by encoding it, and access control lists define permissions for users or systems to access various resources, both of which are also proactive security mechanisms. Passive security measures focus on surveillance and detection rather than directly influencing the system or network behavior. Therefore, network monitoring stands out as the option that aligns with the defining characteristics of a passive security approach.