A cloud administrator is tasked with selecting a security tool for monitoring network traffic and protecting against malware in a cloud environment. However, the administrator must ensure that the deployment of this tool has a minimal impact on system performance. Which of the following would be the BEST option to use?
An agent-based intrusion detection system (IDS) operates on the host system and has direct access to host resources, which can lead to heightened system performance impact. In contrast, a network-based IDS monitors network traffic for suspicious activity at the network level, rather than on individual host systems, which is generally less intrusive to system performance while still maintaining security monitoring capabilities. Port scanners and vulnerability scanners are tools used for identifying potential vulnerabilities and are not typically deployed continuously, thus not the best options for ongoing traffic monitoring and malware protection.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a network-based intrusion detection system (IDS)?
Open an interactive chat with Bash
How does an agent-based intrusion detection system (IDS) differ from a network-based IDS?
Open an interactive chat with Bash
What are the roles of port scanners and vulnerability scanners?