Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 193
Which system monitors local system operation and local network access for violations of a security policy?
Answer options
- A. host-based data loss prevention
- B. host-based intrusion detection
- C. antivirus
- D. sandbox
Correct answer: B
Explanation
The correct answer, host-based intrusion detection, runs on the individual host and monitors and analyzes that system's activity, including its local network access, for signs of unauthorized access or security policy violations. Host-based data loss prevention focuses on preventing data leaks, antivirus software targets malware detection, and sandbox environments are used for safely executing untested code; none of these primarily monitors for security policy violations.