312-50V13 Question #179: Real Exam Question with Answer & Explanation
The correct answer is B: Intrusion Detection Systems can easily distinguish a malicious payload in encrypted traffic.
Question
Which of the following statements is FALSE with respect to Intrusion Detection Systems?
Options
- A. Intrusion Detection Systems can be configured to distinguish specific content in network packets
- B. Intrusion Detection Systems can easily distinguish a malicious payload in encrypted traffic
- C. Intrusion Detection Systems require constant update of the signature library
- D. Intrusion Detection Systems can examine the contents of the data in context of the network
Explanation
The false statement about Intrusion Detection Systems (IDS) is that they can easily distinguish a malicious payload in encrypted traffic, as encryption significantly obstructs their ability to inspect content.
Common mistakes.
- A. This is true; rule-based or signature-based IDS are designed to examine packet content for malicious patterns.
- C. This is true; signature-based IDS require frequent updates to their signature libraries to detect new and evolving threats.
- D. This is true; Network-based IDS (NIDS) specifically monitor network traffic, examining data to identify suspicious activity within the network context.
Concept tested. IDS limitations with encrypted traffic
Reference. https://learn.microsoft.com/en-us/security/benchmark/azure/baselines/intrusion-detection-system