Which of these is a type of detective access control?
D: Intrusion detection systems.
CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests
D: IDSs (Intrusion Detection Systems) on our network to capture and alert traffic seen as malicious. They can be categorized into 2 types and with 2 different approaches to identifying malicious traffic. Network based, placed on a network segment (a switch port in promiscuous mode). Host based, on a client, normally a server or workstation. Signature (Pattern) matching, similar to anti virus, it matches traffic against a long list of known malicious traffic patterns. Heuristic (Behavioral) based, uses a normal traffic pattern baseline to monitor for abnormal traffic.