CISSP · Question #313
What can happen when an Intrusion Detection System (IDS) is installed inside a firewall- protected internal network?
The correct answer is A. The IDS can detect failed administrator logon attempts from servers.. An Intrusion Detection System (IDS) is a monitoring system that detects suspicious activities and generates alerts when they are detected. An IDS can be installed inside a firewall-protected internal network to monitor the traffic within the network and identify any potential thr
Question
Options
- AThe IDS can detect failed administrator logon attempts from servers.
- BThe IDS can increase the number of packets to analyze.
- CThe firewall can increase the number of packets to analyze.
- DThe firewall can detect failed administrator login attempts from servers
How the community answered
(20 responses)- A80% (16)
- B10% (2)
- C5% (1)
- D5% (1)
Explanation
An Intrusion Detection System (IDS) is a monitoring system that detects suspicious activities and generates alerts when they are detected. An IDS can be installed inside a firewall-protected internal network to monitor the traffic within the network and identify any potential threats or anomalies. One of the scenarios that an IDS can detect is failed administrator logon attempts from servers. This could indicate that an attacker has compromised a server and is trying to escalate privileges or access sensitive data. An IDS can alert the security team of such attempts and help them to investigate and respond to the incident.
Topics
Community Discussion
No community discussion yet for this question.