Information Security Officer Question:
Download Questions PDF

Do you know what is the difference between an HIDS and a NIDS?

Answer:

Both acronyms are Intrusion Detection Systems, however the first is a Host Intrusion Detection System whereas the second is a Network Intrusion Detection System. An HIDS runs as a background utility in the same as an anti-virus program for instance, while a Network Intrusion Detection System sniffs packets as they go across the network looking for things that aren’t quite ordinary. Both systems have two basic variants: signature based and anomaly based. Signature based is very much like an anti-virus system, looking for known values of known ‘bad things’, while anomaly looks more for network traffic that doesn’t fit the usual pattern of the network. This requires a bit more time to get a good baseline, but in the long term can be better on the uptake for custom attacks.

Download Information Security Professional Interview Questions And Answers PDF

Previous QuestionNext Question
Do you know what’s the difference between Symmetric and Asymmetric encryption?Tell me are open-source projects more or less secure than proprietary ones?