To prevent all attacks

To detect unauthorized access

To encrypt sensitive data

To manage network traffic

A type of firewall

A method for logging network activity

A system that can both detect and prevent intrusions

A system that only detects intrusions

Traffic analysis and packet filtering

Anomaly based detection and heuristic detection

Behavioral analysis and pattern matching

Signature based detection and anomaly based detection

They are too expensive to implement

They can generate a high number of false alarms

They require constant manual monitoring

They are ineffective against known attacks

Network-based IDS

Host-based IDS

Distributed IDS

Centralized IDS

An attack was missed by the IDS

No attack occurred

An attack was detected correctly

A legitimate activity was misidentified as an attack

Increasing network bandwidth

Ignoring the alert

Blocking the source IP address

Rebooting the network