Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 22

Which system monitors local system operation and local network access for violations of a security policy?

Answer options

• A. host-based intrusion detection
• B. systems-based sandboxing
• C. host-based firewall
• D. antivirus

Correct answer: A

Explanation

The correct answer is A, as host-based intrusion detection systems specifically track local operations and network access to detect security policy violations. Options B and C do not focus on monitoring for policy violations, with B being more about isolated environments, while C primarily filters incoming and outgoing traffic. Option D, antivirus, is designed to detect and remove malware but does not monitor network access for policy compliance.