Which of the following technologies is used to monitor network traffic and notify if any potential threats or attacks are noticed?
Which of the following technologies is used to monitor network traffic and notify if any potential threats or attacks are noticed?
An intrusion detection system (IDS) is specifically designed to monitor network traffic and notify administrators when potential threats or attacks are noticed. Unlike other technologies such as IPS (Intrusion Prevention System) or firewalls, which can also prevent suspicious activities, IDS focuses on detection and alerting without actively preventing the traffic.
Is this real question in exam. Looks like a joke. IPS and Firewalls also can "Monitor" and prevent the network traffic
Keyword is 'notify'. IDS is the only one that will notify in real time. IPS will go ahead and prevent the payload and/or reconfigure device. You will need to monitor the SIEM to see logs of the others.
Question is not about Prevent, we need to pay attention to each word in the question
YES ITS ASKING JUST ABOUT MONITOR -- SO IDS WOULD BE THE BEST ANSWER
D. IDS
An Intrusion Detection System (IDS) is designed to monitor network traffic and alert administrators when it detects suspicious activities or potential threats. While an IPS (Intrusion Prevention System) also monitors traffic, it takes the additional step of blocking the threats, whereas an IDS is primarily focused on detection and notification.