Which of the following is a process that identifies critical information to determine if friendly actions
can be observed by adversary intelligence systems?
A. IDS
B. OPSEC
C. HIDS
D. NIDS
Explanation:
OPSEC (Operations Security) is a process that identifies critical information to determine if friendly
actions can be observed by adversary intelligence systems, and if information obtained by
adversaries could be interpreted to be useful to them. After obtaining the information, the process
executes selected measures that eliminate or reduce adversary exploitation of friendly critical
information.
Answer option C is incorrect. A host-based intrusion detection system (HIDS) is an intrusion
detection system that monitors and analyses the internals of a computing system rather than the
network packets on its external interfaces. A host-based Intrusion Detection System (HIDS) monitors
all or parts of the dynamic behavior and the state of a computer system. HIDS look at the state of a
system, its stored information, whether in RAM, in the file system, log files or elsewhere; and check
that the contents of these appear as expected.
Answer option A is incorrect. An intrusion detection system (IDS) is used to detect unauthorized
attempts to access and manipulate computer systems locally or through the Internet or an intranet.
It can detect several types of attacks and malicious behaviors that can compromise the security of a
network and computers. This includes network attacks against vulnerable services, unauthorized
logins and access to sensitive data, and malware (e.g. viruses, worms, etc.). An IDS also detects
attacks that originate from within a system. In most cases, an IDS has three main components: Sensors, Console, and Engine. Sensors generate security events. A console is used to alert and
control sensors and to monitor events. An engine is used to record events and to generate security
alerts based on received security events. In many IDS implementations, these three components are
combined into a single device. Basically, the following two types of IDS are used:
Network-based IDS
Host-based IDS
Answer option D is incorrect. A network intrusion detection system (NIDS) is an intrusion detection
system that tries to detect malicious activity such as denial of service attacks, port scans or even
attempts to crack into computers by monitoring network traffic. A NIDS reads all the incoming
packets and tries to find suspicious patterns known as signatures or rules. It also tries to detect
incoming shell codes in the same manner that an ordinary intrusion detection system does.