Which of the following monitors network traffic in real time?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
This type of IDS is called a network-based IDS because monitors network traffic in real time.
Source: KRUTZ, Ronald L.
& VINES, Russel.
D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 48.
The correct answer is A. network-based IDS.
An Intrusion Detection System (IDS) is a security technology that monitors network or system activity for malicious activity or policy violations. IDSs come in different types, including network-based IDS (NIDS), host-based IDS (HIDS), application-based IDS (AIDS), and firewall-based IDS (FIDS).
A network-based IDS is designed to monitor network traffic in real time, analyzing the traffic and looking for signs of malicious activity. NIDS is typically deployed at strategic points within a network to monitor traffic passing through those points. This allows NIDS to detect and respond to attacks in real-time as they occur.
A host-based IDS, on the other hand, is designed to monitor the activity of individual hosts or systems. HIDS is typically deployed on individual systems to monitor activity on that system. This allows HIDS to detect and respond to attacks that originate from within the system.
An application-based IDS is designed to monitor specific applications or services for malicious activity. AIDS is typically deployed on servers that are running critical applications or services, such as web servers or database servers.
A firewall-based IDS is designed to monitor traffic passing through a firewall. FIDS is typically deployed as part of a firewall or security appliance and monitors traffic passing through the firewall to detect and respond to attacks.
In summary, the correct answer is A. network-based IDS, which is designed to monitor network traffic in real time and detect and respond to attacks as they occur.