S+ NIDS or HIDS question

paulgswansonpaulgswanson Member Posts: 311
in Security+
I was reading Darrils section about NIDS and HIDS and it occured to me. Since a firewall can be either Software or a physical device is there an assumption we should be making?
example:

Bobert installed a new firewall on your network and needs to install a IDS. What is the best solution?
A. NIDS
B. HIDS
C. Summon Liam Neeson

Has anyone come across this? My first instinct would be to look at A and B and then Id stroke out and guess (problably B).

Seriously thought whats the best answer here, other than the obvious giggle for C

Sorry If thats a silly question, I don't know that much above whats the best yet, hence the studying, so uhm sorry.
http://paulswansonblog.wordpress.com/
WGU Progress: B.S. Network Management & Design <- I quit (got bored)
· Share on FacebookShare on Twitter

Comments

  • ptilsenptilsen Member Posts: 2,835 ■■■■■■■■■■
    Might need DG himself to weigh in on this one. The premise of the question as I see it is unclear. Whether a firewall was installed (I assume it's a hardware firewall, since it's "on the network") doesn't, from my perspective, have anything to do with whether HIDS, NIDS, or both are still needed solutions.

    Edit: The answer to your more general question is that a "firewall" software or hardware, is a HIPS or NIPS, respectively. It is not necessarily a HIDS or NIDS, since features to detect intrusions may not be included.
    Working B.S., Computer Science
    Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
    In progress: CLEP US GOV,
    Next up: MATH 211, ECON 352, ICS 340
    · Share on FacebookShare on Twitter
  • sec_wizsec_wiz Member Posts: 17 ■□□□□□□□□□
    I know what you're getting at but that question is far too vague to be brought up in a test situation.

    However if it stated 'local' IDS then it would obviously be HIDS.
    · Share on FacebookShare on Twitter
  • afcyungafcyung Member Posts: 212
    To me the answer is in spelling out the acronyms. NIDS is a Network Intrusion Detection System. HIDS is a Host Intrusion Detection System. The question stated that he installed a firewall on the Network. So to me the answer is NIDS.


    EDIT: To answer your question about firewalls. Typically if a firewall is installed on a network its a physical box being installed. A Cisco ASA as one example. Software firewalls are typically used on PCs and servers as added protection for each box, a good example is the Windows firewall. Now does that matter in the context of the question you presented? To me no. The question is basically asking if you know what NIDS and HIDS stand for. The question gave the context clue of the firewall being installed on the network, which should have pointed you at NIDS.
    · Share on FacebookShare on Twitter
  • paulgswansonpaulgswanson Member Posts: 311
    Thanks for the answers and sorry for the vague wording of the question. I'll keep an eye out for the context of the question come test day. I'll get this one right come test day!icon_thumright.gif
    http://paulswansonblog.wordpress.com/
    WGU Progress: B.S. Network Management & Design <- I quit (got bored)
    · Share on FacebookShare on Twitter
Sign In or Register to comment.