401‐reading 14 - Skalyx866/Notes GitHub Wiki

List 2 differences between firewalls and an IDS?

A firewall prevents malicious attacks while an IDS sends an alert in case something malicious is going on or if something is trying anything nefarious

Under what circumstances would you choose a network-based IDS over a host-based IDS?

You would choose a network based IDS when you don't have a lot of resources and you are not that big.

Name 3 major drawbacks of a NIDS?

NIDS cannot prevent incidents, they cannot read encrypted packets, and IP packets can still be faked or spoofed

Source: The Pros and Cons of Network Intrusion Detection Systems

What I would like to learn more about

I would like to know more about the differences between the different security systems and learn ways how to efficiently implement them.