What level of the FIPS 140-2 standard specifies intrusion detection and prevention?

The FIPS 140-2 standard, which provides a framework for evaluating the security of cryptographic modules, includes different levels that define security requirements. Level 3 of this standard is where intrusion detection and prevention features are mandated. At this level, the security mechanisms ensure that physical tampering with the cryptographic module triggers the appropriate responses. Specifically, it requires mechanisms that detect unauthorized physical access and can also take actions to mitigate such intrusions, thereby providing enhanced security over the lower levels. Levels 1 and 2 do not require these advanced intrusion detection and prevention mechanisms, focusing more on the basic security functionalities and key management, while Level 4 adds additional measures for environmental controls and physical security but is more stringent than what is necessary solely for intrusion detection. This makes Level 3 the correct choice for specifying these capabilities.