Theresa implements a network-based IDS. What can she do to traffic that passes through the IDS?
Answer Options
Review the traffic based on rules and detect and alert about unwanted or undesirable traffic.
Review the traffic based on rules and detect and stop traffic based on those rules.
Detect sensitive data being sent to the outside world and encrypt it as it passes through the IDS.
All of the above.
Correct Answer: A
Explanation
IDSs, or intrusion detection systems, can only detect unwanted and malicious traffic based on the detection rules and signatures that they have. They cannot stop traffic or modify it. An IPS, or intrusion prevention system, that is placed in line with network traffic can take action on that traffic. Thus, IDSs are often used when it is not acceptable to block network traffic, or when a tap or other network device is used to clone traffic for inspection.