Which of the following is a drawback of Network-based IDSs?

A.
It cannot analyze encrypted information.

B.
It is very costly to setup.

C.
It is very costly to manage.

D.
It is not effective.

Explanation:
Network-based IDSs cannot analyze encrypted information. This problem is increasing as more
organizations (and attackers) use virtual private networks. Most network-based IDSs cannot tell
whether or not an attack was successful; they can only discern that an attack was initiated. This
means that after a network-based IDS detects an attack, administrators must manually investigate
each attacked host to determine whether it was indeed penetrated.