Although host-based and network-based IDSs perform similar functions and have similar capabilities, which of the following is an advantage of a network-based
IDS over a host-based IDS, assuming all capabilities are equal?
Although host-based and network-based IDSs perform similar functions and have similar capabilities, which of the following is an advantage of a network-based
IDS over a host-based IDS, assuming all capabilities are equal?
A network-based IDS has the advantage of being segregated from host systems, which means it is less likely to be compromised in the same manner as a host-based system. This segregation enhances security by allowing the IDS to monitor network traffic independently of the integrity of individual hosts, making it more resilient to attacks targeting specific systems. Network access is not a valid advantage since both types of IDS would have access to network resources. Scalability, while important, does not directly address the security-specific benefits of segregation. External to system patching is also a lesser concern compared to the primary advantage of segregation.
Scalibility should be the answer.
Scalability in cloud computing refers to the ability to increase or decrease IT resources as needed to meet changing demand.
C. Scalability
C: Scalability
NIDS would have network access as opposed to HIDS which only have host related network access.
The "best" answer is A.
For the context of CCSP, when discussing the advantage of network-based IDS over host-based IDS, considering that all other capabilities are equal, one significant advantage of a network-based IDS is indeed its segregation from host systems (Option A). This positioning allows the network-based IDS to monitor traffic and activities without being directly affected by compromises or alterations on individual host systems.