What is an example of a host-based intrusion detection system?

The choice identifying a host-based intrusion detection system highlights its function of monitoring the internal activity of a single host or computer. Such systems are designed to detect suspicious activities, such as unusual CPU and memory utilization patterns, which may indicate potential security breaches or intrusions. By analyzing system utilization metrics, they can identify anomalies that deviate from normal behavior, allowing for proactive responses to potential threats.

Host-based intrusion detection systems primarily focus on the integrity and security of individual machines rather than network-wide activities. Monitoring resource usage is essential for identifying unauthorized processes or applications that could compromise security. This approach is distinct from preventive hardware systems, which aim to block access altogether, or antivirus systems that check for known malware signatures. The monitoring and anomaly-detection aspect is what aligns option C perfectly with the characteristics and purposes of host-based intrusion detection systems.