Certified Information Systems Auditor (CISA) — Question 764
Which of the following provides the MOST protection against emerging threats?
Answer options
- A. Real-time updating of antivirus software
- B. Signature-based intrusion detection system (IDS)
- C. Demilitarized zone (DMZ)
- D. Heuristic intrusion detection system (IDS)
Correct answer: D
Explanation
A heuristic intrusion detection system (IDS) is designed to identify and respond to unknown threats by analyzing behavior patterns, making it the most effective option against emerging threats. In contrast, a signature-based IDS relies on known threat signatures and so may not detect new variants. Real-time antivirus updates improve protection but may still miss novel threats, and a DMZ primarily serves to segment networks rather than to defend directly against threats.