What does a Host-based Intrusion Detection System (IDS) monitor on a computer?

Disable ads (and more) with a membership for a one time $4.99 payment

Prepare for the Operating System Security Exam. Study with flashcards and multiple-choice questions, each with hints and explanations. Get ready for your test!

A Host-based Intrusion Detection System (IDS) is designed to monitor activities and changes on an individual host or computer. It focuses on identifying suspicious activities based on the behavior of applications, user activities, and system resources.

Monitoring CPU and memory utilization is particularly important because unusual patterns in resource usage can indicate potential security breaches or malicious activities. For instance, if a program is consuming an excessive amount of CPU or memory resources unexpectedly, it could be running a process that is not authorized, like a malware infection or an intrusion attempt.

While other options may touch on aspects of what can be monitored, such as user behavior or network traffic, these are not the primary focus of a host-based IDS. Network traffic is typically the domain of network-based IDS, and hardware configurations may be monitored by different security mechanisms. Hence, the role of a Host-based IDS is more aligned with assessing the internal state of a host, emphasizing critical performance metrics that reflect potential security incidents.

More Multiple Choice Questions