CISM Certified Information Security Manager – Question1374 - CISM Certified Information Security Manager

An intrusion detection system (IDS) should:

A. run continuously
B. ignore anomalies
C. require a stable, rarely changed environment
D. be located on the network

Correct Answer: A

Explanation:

Explanation:
If an intrusion detection system (IDS) does not run continuously the business remains vulnerable. An IDS should detect, not ignore anomalies. An IDS should be flexible enough to cope with a changing environment. Both host and network based IDS are recommended for adequate detection.