CISA Certified Information Systems Auditor – Question1842

What is wrong with a Black Box type of intrusion detection system?

A.
you cannot patch it
B. you cannot test it
C. you cannot examine its internal workings from outside.
D. you cannot tune it
E. None of the choices.

Correct Answer: C

Explanation:

Explanation:
“An intrusion detection system should be able to run continually without human supervision. The system must be reliable enough to allow it to run in the background of the system being observed. However, it should not be a “black box”, because you want to ensure its internal workings are examinable from outside.”