ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 913 discussion

Actual exam question from Isaca's CISA
Question #: 913
Topic #: 1
[All CISA Questions]

The GREATEST limitation of a network-based intrusion detection system (IDS) is that it:

  • A. provides only for active rather than passive IDS monitoring
  • B. does not monitor for denial of service (DoS) attacks
  • C. consumes excessive network resources for detection
  • D. does not detect attacks originating on the server hosting the IDS
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by saado9 at March 19, 2023, 4:12 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
KAP2HURUF
12 months ago
Selected Answer: D
D. Does not detect attacks originating on the server hosting the IDS: This is a significant limitation. Network-based IDSs are designed to monitor traffic passing through the network. They do not have visibility into activities occurring directly on a server, such as a compromised server initiating attacks or malicious actions. For such detection, a host-based intrusion detection system would be required.Cmiiw
upvoted 2 times
...
3008
1 year ago
Selected Answer: D
D is correct.
upvoted 2 times
...
SuperMax
1 year, 3 months ago
Selected Answer: C
The GREATEST limitation of a network-based intrusion detection system (IDS) among the options provided is: C. consumes excessive network resources for detection Network-based IDS systems can indeed consume significant network resources, especially if they are deployed in a high-traffic network environment. This is because they need to inspect network traffic in real-time, which involves analyzing packets and looking for patterns or anomalies. In busy networks, this can lead to performance degradation and resource utilization concerns. It's essential to carefully plan and tune network-based IDS to minimize its impact on network performance.
upvoted 1 times
3008
1 year ago
Nonsense
upvoted 1 times
...
...
JONESKA
1 year, 5 months ago
Should be D. A network-based IDS is designed to monitor and analyze network traffic to identify potential security threats and attacks. However, it operates at the network perimeter and cannot detect attacks that originate from within the network it is supposed to protect, specifically from the server hosting the IDS itself.
upvoted 4 times
...
saado9
1 year, 9 months ago
D. does not detect attacks originating on the server hosting the IDS
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel