4.9. Exam Essentials

Be able to identify and describe the two types of intrusion detection systems in use

The two types of IDSs in use are host-based (HIDS) and network-based (NIDS). Host-based IDS works strictly on the system on which it's installed. Network-based IDS monitors the entire network.

Be able to identify and explain the terms and functions in an IDS environment

These terms include activity, administrator, alert, analyzer, data source, event, manager, notification, operator, and sensor. For simplicity's sake, some of these systems are combined in IDSs, but they're all functions that must be performed for the IDS to be effective.

Know the difference between an active response and a passive response

An active response allows an IDS to manage ...
