Certified Ethical Hacker (CEH v10) — Question 159

Bob finished a C programming course and created a small C application to monitor the network traffic and produce alerts when any origin sends "many" IP packets, based on the average number of packets sent by all origins and using some thresholds.
In concept, the solution developed by Bob is actually:

Answer options

• A. Just a network monitoring tool
• B. A signature-based IDS
• C. A hybrid IDS
• D. A behavior-based IDS

Correct answer: A

Explanation

The correct answer is A because Bob's application focuses solely on monitoring network traffic rather than analyzing it for specific attack patterns or behaviors. Options B, C, and D refer to intrusion detection systems that involve more complex analysis and pattern recognition, which Bob's application does not implement.