GSEC Question #170: Real Exam Question with Answer & Explanation

The correct answer is B. HIDS. A Host-based Intrusion Detection System (HIDS) monitors processes and activities on a specific host and can detect or respond to malicious behavior at the system level.

Question

Which of the following monitors program activities and modifies malicious activities on a system?

Options

  • A. Back door
  • B. HIDS
  • C. NIDS
  • D. RADIUS

Explanation

A Host-based Intrusion Detection System (HIDS) monitors processes and activities on a specific host and can detect or respond to malicious behavior at the system level.

Common mistakes.

  • A. A back door is a covert method for bypassing normal authentication to gain unauthorized access - it is an attack vector, not a monitoring or defense tool.
  • C. NIDS (Network-based Intrusion Detection System) monitors network traffic for suspicious patterns but does not inspect program activities or process-level behavior on individual hosts.
  • D. RADIUS is an AAA (Authentication, Authorization, Accounting) protocol used for network access control and has no capability to monitor or respond to malicious program activity.

Concept tested. Host-based intrusion detection system function

Reference. https://csrc.nist.gov/publications/detail/sp/800-94/final
