Recall & Review
beginner
What is an Intrusion Detection System (IDS)?
An IDS is a security tool that monitors network or system activities for malicious actions or policy violations and alerts administrators when suspicious activity is detected.
beginner
Name the two main types of IDS based on deployment location.
The two main types are Network-based IDS (NIDS), which monitors network traffic, and Host-based IDS (HIDS), which monitors activities on individual devices.
intermediate
How does signature-based IDS detect threats?
Signature-based IDS detects threats by comparing network or system activity against a database of known attack patterns or signatures.
intermediate
What is the main difference between IDS and IPS?
IDS detects and alerts about suspicious activity but does not block it, while Intrusion Prevention Systems (IPS) can detect and actively block or prevent attacks.
intermediate
Why is false positive reduction important in IDS?
Reducing false positives is important because too many incorrect alerts can overwhelm security teams, causing real threats to be missed or ignored.
Which type of IDS monitors traffic on a network?
Network-based IDS (NIDS) monitors network traffic to detect suspicious activity.
What does a signature-based IDS rely on to detect attacks?
Signature-based IDS uses a database of known attack patterns to identify threats.
Which of the following is NOT a function of an IDS?
IDS alerts but does not block attacks; blocking is done by IPS.
What is a common challenge when using IDS?
False positives cause many incorrect alerts, making it hard to focus on real threats.
Host-based IDS primarily monitors:
Host-based IDS watches activities on a single device to detect suspicious behavior.
Explain the difference between Network-based IDS and Host-based IDS.
Think about where the IDS is placed and what it watches.
Describe how signature-based and anomaly-based IDS differ in detecting threats.
Consider how each method identifies suspicious activity.