Part 04 – NDS vs HIDS

The topics of network intrusion systems and host intrusion detection systems are covered in this module. We point out the passive nature of intrusion detection systems (IDS) vs. intrusion prevention systems (IPS). An IDS is part of a layered defense and consists of several components and processes. Its primary concern is with identifying suspicious behavior, logging the behavior, and finally sending out alerts. It does not actually take any action to prevent or otherwise intervene in the suspicious behavior it detects. Intrusion prevention is concerned with both detection of malicious behavior as well as employing tactics to thwart the effects of the attack. We then cover the main components of an IDS and discuss the two main types: Host-based IDS (HIDS) and Network-based IDS (NDIS). We note the performance overhead that must be considered with a HIDS as well as the pros and cons of each. It's also pointed out that a HIDS can decrypt data which a NIDS is otherwise unable to examine out on the network.
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google Play Get it on the App Store

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?