Palo Alto Networks Cybersecurity-Apprentice Exam - Topic 2 Question 1 Discussion

What is a function of a Network-Based Intrusion Detection System (NIDS)?
A) Scanning and quarantining infected files on a host machine
B) Proxying traffic before reaching an internal network
C) Blocking malicious traffic from entering a network in real time
D) Monitoring network traffic and reporting results to an administrator

Actual exam question for the Palo Alto Networks Cybersecurity-Apprentice exam
Question #: 1
Topic #: 2
Suggested Answer: D

A Network-Based Intrusion Detection System monitors network traffic and reports suspicious findings to administrators or security tools. It observes packets traversing a network segment and compares activity against signatures, patterns, protocol anomalies, or behavior models. Because it is detection-focused, a NIDS typically alerts rather than blocks traffic inline.

Scanning and quarantining infected files on a host machine is an endpoint security function. Proxying traffic before it reaches an internal network is a proxy function. Blocking malicious traffic in real time is more closely associated with an IPS or firewall.

A NIDS is useful because it can provide visibility across multiple hosts without installing an agent on each one. However, encrypted traffic, high throughput, and east-west blind spots can limit visibility if sensors are not placed correctly. SOC teams use NIDS alerts as evidence during investigation and correlation.

Reference/topics: Cybersecurity 1.4, NIDS and other threat detection systems; Security Operations 6.3, alerts and events.

