• Post author:
  • Post category:Updated
  • Reading time:1 mins read
  • Post last modified:June 12, 2024

Which HIDS is integrated into the Security Onion and uses rules to detect changes in host-based operating parameters caused by malware through system calls?

  • Bro
  • Snort
  • OSSEC
  • Suricata
Answers Explanation & Hints:

OSSEC is a HIDS integrated into the Security Onion and uses rules to detect changes in host-based parameters like the execution of software processes, changes in user privileges, registry modifications, among many others. OSSEC rules will trigger events that occurred on the host, including indicators that malware may have interacted with the OS kernel. Bro, Snort, and Suricata are examples of NIDS systems.

For more Questions and Answers:

CyberOps Associate 1.02 & CA v1.0 Modules 26 – 28: Analyzing Security Data Group Exam Answers Full 100%

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments