CompTIA CASP+ (CAS-004) — Question 597

A company's Chief Information Officer wants to implement IDS software onto the current system's architecture to provide an additional layer of security. The software must be able to monitor system activity, provide information on attempted attacks, and provide analysis of malicious activities to determine the processes or users involved.
Which of the following would provide this information?

Answer options

• A. HIPS
• B. UEBA
• C. HIDS
• D. NIDS

Correct answer: C

Explanation

HIDS (Host Intrusion Detection System) is specifically designed to monitor system activity and detect any malicious behavior, making it the correct choice. HIPS (Host Intrusion Prevention System) focuses on blocking attacks rather than just monitoring. UEBA (User and Entity Behavior Analytics) analyzes user behavior patterns but does not monitor system activity directly. NIDS (Network Intrusion Detection System) monitors network traffic rather than system processes.