(ISC)2 Certified in Cybersecurity Practice Exam

An Intrusion Detection System (IDS) is designed to monitor network traffic and system activities for signs of malicious behavior or policy violations. One of its key functionalities is the ability to detect various types of attacks, including SQL Injection attacks and unusual login patterns.

For SQL Injection attacks, an IDS can analyze incoming queries and look for patterns that match known SQL injection techniques. By recognizing these malicious patterns, the IDS can raise alerts to inform administrators of potential attacks, allowing them to take action before any damage is done.

Similarly, unusual login patterns, such as multiple failed login attempts from a single IP address or logins from unexpected geographic locations, can also be flagged by an IDS. This ability to identify anomalies in authentication attempts is crucial for detecting brute force attacks or accounts being compromised.

Overall, the capabilities of an IDS encompass monitoring for diverse attack vectors, and its detection mechanisms make it a valuable tool for enhancing the security posture of an organization. Therefore, the assertion that an IDS can detect SQL Injection attacks and unusual login patterns is indeed true.