Keith, a network administrator, has been asked to passively monitor network traffic for potential malicious activities to the company's sales websites. Which of the following would be BEST suited for this task?
A Network Intrusion Detection System (NIDS) passively monitors a network and systems for malicious activities.
Wikipedia
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms. IDS types range in scope from single computers to large networks. The most common classifications are network intrusion detection systems (NIDS) and host-based intrusion detection systems (HIDS). A system that monitors important operating system files is an example of an HIDS, while a system that analyzes incoming network traffic is an example of an NIDS.