Which of the following is a drawback of Network-based IDSs?
A.
It cannot analyze encrypted information.
B.
It is very costly to setup.
C.
It is very costly to manage.
D.
It is not effective.
Explanation:
Network-based IDSs cannot analyze encrypted information. This problem is increasing as
more organizations (and attackers) use virtual private networks. Most network-based
IDSs cannot tell whether or not an attack was successful; they can only discern that an
attack was initiated. This means that after a network-based IDS detects an attack,
administrators must manually investigate each attacked host to determine whether it was
indeed penetrated.