Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 CSSLP Exam - Topic 11 Question 107 Discussion

Actual exam question for ISC2's CSSLP exam
Question #: 107
Topic #: 11
[All CSSLP Questions]

Which of the following is designed to detect unwanted attempts at accessing, manipulating, and disabling of computer systems through the Internet?

Show Suggested Answer Hide Answer
Suggested Answer: C

An Intrusion detection system (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or

disabling of computer systems, mainly through a network, such as the Internet. These attempts may take the form of attacks, as examples, by

crackers, malware and/or disgruntled employees. An IDS cannot directly detect attacks within properly encrypted traffic. An intrusion detection

system is used to detect several types of malicious behaviors that can compromise the security and trust of a computer system. This includes

network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation,

unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms).

Answer D is incorrect. Access Control List (ACL) is the most commonly used object in Cisco IOS. It filters packets or network traffic by

controlling whether routed packets are forwarded or blocked at the router's interfaces. According to the criteria specified within the access

lists, router determines whether the packets to be forwarded or dropped. Access control list criteria could be the source or destination

address of the traffic or other information. The types of Cisco ACLs are Standard IP, Extended IP, IPX, Appletalk, etc.

Answer B is incorrect. Internet Protocol Security (IPSec) is a method of securing data. It secures traffic by using encryption and digital

signing. It enhances the security of data as if an IPSec packet is captured, its contents cannot be read. IPSec also provides sender verification

that ensures the certainty of the datagram's origin to the receiver.

Answer A is incorrect. Direct-attached storage (DAS) is a digital storage system that is directly attached to a server or workstation,

without using a storage network.


by Dong at Nov 20, 2025, 04:09 PM

Limited Time Offer

25%

Off

Get Premium CSSLP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Tamekia
1 day ago
I was torn between C) IDS and B) IPsec. But IDS fits better.
upvoted 0 times
...
Chi
6 days ago
I feel like A) DAS is also important, but not for this.
upvoted 0 times
...
Lourdes
12 days ago
Agreed! IDS is crucial for security.
upvoted 0 times
...
Micaela
17 days ago
I was surprised to learn that IDS is the answer!
upvoted 0 times
...
Marilynn
22 days ago
Are we sure it's not A) DAS? Seems a bit off.
upvoted 0 times
...
Alecia
27 days ago
I thought it was B) IPsec, but I guess not.
upvoted 0 times
...
Penney
2 months ago
Haha, I bet the exam writers love coming up with these tricky security questions. I'm just glad I don't have to deal with this stuff in my job.
upvoted 0 times
...
Dorinda
2 months ago
I'm pretty sure IDS stands for "Intrusion Detection System." Gotta love those cybersecurity acronyms!
upvoted 0 times
...
Adell
2 months ago
Definitely C. I've had to deal with IDS alerts before when I accidentally triggered them. Not fun.
upvoted 0 times
...
Afton
2 months ago
I always get IDS and IPS mixed up. Maybe I should just remember "I Detect Stuff" for IDS.
upvoted 0 times
...
Jovita
2 months ago
C) IDS is the correct answer. It's designed to detect and prevent unauthorized access to computer systems.
upvoted 0 times
...
Carri
2 months ago
I’m leaning towards C) IDS too, but I wonder if IPsec could also be relevant in some way.
upvoted 0 times
...
Page
3 months ago
I keep mixing up IDS and ACL; I think IDS is the right choice, but I need to double-check the definitions.
upvoted 0 times
...
Francisca
3 months ago
I remember studying about network security, and I feel like IDS was mentioned in a similar question about monitoring threats.
upvoted 0 times
...
Lawana
3 months ago
I think it's C) IDS, but I'm not entirely sure if it also covers manipulation attempts.
upvoted 0 times
...
Mirta
3 months ago
I think the key here is looking for the option that is specifically designed for detecting unwanted access and attacks. That narrows it down to either IDS or ACL. I'm leaning towards IDS, but I'll double-check my understanding just to be sure.
upvoted 0 times
...
James
3 months ago
I'm a bit confused on this one. Is IPsec also related to network security and intrusion detection? I'll have to review my notes to make sure I understand the differences between these options.
upvoted 0 times
...
Lettie
3 months ago
Okay, let me see. IDS is an Intrusion Detection System, so that sounds like it would be the right answer to detect unwanted access attempts. I'm pretty confident that's the correct choice.
upvoted 0 times
...
Ruthann
4 months ago
I think it's C) IDS. It monitors for intrusions.
upvoted 0 times
...
Son
4 months ago
It's definitely C) IDS.
upvoted 0 times
...
James
4 months ago
Definitely C) IDS. It detects unwanted access attempts.
upvoted 0 times
...
Luann
4 months ago
Totally agree, C) IDS is the right answer!
upvoted 0 times
...
Aracelis
5 months ago
Hmm, I'm not totally sure about this one. I know IDS has something to do with network security, but I can't remember the exact details. I'll have to think it through carefully.
upvoted 0 times
...
Sheridan
5 months ago
I think the answer is C) IDS. That's the one that's designed to detect unauthorized access and attacks on computer systems, right?
upvoted 0 times
Lamonica
4 months ago
I agree, C) IDS is the right choice!
upvoted 0 times
...
...

Save Cancel