Of the intrusion detection capabilities listed below, which is FALSE for a network based IDS
system?

A.
A network based IDS system can detect attacks in progress, attack patterns within the network
and malicious activities.

B.
A network based IDS system can detect dial-in intrusions and attempts to physically access the
server.

C.
A network based IDS system can see packet header information, which is invisible to hostbased IDS systems.

D.
A network based IDS system can monitor and report on all network traffic, based on where it is
located.

Explanation:

In a passive system, the IDS detects a potential security breach, logs the information and signals
an alert. In a reactive system, the IDS responds to the suspicious activity by logging off a user or
by reprogramming the firewall to block network traffic from the suspected malicious source.