Of the intrusion detection capabilities listed below, which is FALSE for a network based IDS
system?
A.
A network based IDS system can detect attacks in progress, attack patterns within the network
and malicious activities.
B.
A network based IDS system can detect dial-in intrusions and attempts to physically access the
server.
C.
A network based IDS system can see packet header information, which is invisible to hostbased IDS systems.
D.
A network based IDS system can monitor and report on all network traffic, based on where it is
located.
Explanation:
In a passive system, the IDS detects a potential security breach, logs the information and signals
an alert. In a reactive system, the IDS responds to the suspicious activity by logging off a user or
by reprogramming the firewall to block network traffic from the suspected malicious source.