EC-Council
312-50V10 · Question #116
312-50V10 Question #116: Real Exam Question with Answer & Explanation
The correct answer is C: Network-based intrusion detection system (NIDS). A Network-based Intrusion Detection System (NIDS) monitors traffic across entire network segments, making it ideal for large environments and protecting critical or sensitive network areas.
Evading IDS, Firewalls, and Honeypots
Question
Which Intrusion Detection System is the best applicable for large environments where critical assets on the network need extra security and is ideal for observing sensitive network segments?
Options
- AHoneypots
- BFirewalls
- CNetwork-based intrusion detection system (NIDS)
- DHost-based intrusion detection system (HIDS)
Explanation
A Network-based Intrusion Detection System (NIDS) monitors traffic across entire network segments, making it ideal for large environments and protecting critical or sensitive network areas.
Common mistakes.
- A. Honeypots are deception-based traps designed to lure and study attackers - they are not intrusion detection systems and do not monitor or protect production network segments.
- B. Firewalls enforce access control policies by allowing or denying traffic - they are perimeter controls, not intrusion detection systems, and do not analyze traffic for attack patterns.
- D. HIDS is installed on individual hosts and monitors local activity such as file changes and system calls - it lacks the network-wide visibility needed to observe traffic across large or sensitive network segments.
Concept tested. NIDS applicability for large network environments
Reference. https://csrc.nist.gov/glossary/term/network_based_intrusion_detection_system
Topics
#NIDS#IDS types#network monitoring#network segments
Community Discussion
No community discussion yet for this question.