What is the primary purpose of intrusion detection systems (IDSs)?

Study for the EC-Council Network Defense Essentials Test. Utilize flashcards and multiple-choice questions, with each question accompanied by hints and explanations. Prepare effectively for your examination!

Multiple Choice

What is the primary purpose of intrusion detection systems (IDSs)?

Explanation:
Intrusion detection systems are built to monitor network traffic or host activity for signs of malicious behavior or policy violations and to raise alarms when something suspicious is detected. They use known threat signatures or anomaly-based patterns to identify potential intrusions and then generate alerts so security staff can investigate and respond, often feeding these events into a SIEM for correlation. This focus on detection and alerting differentiates IDS from systems that block traffic (intrusion prevention systems) or from functions like encrypting data in transit or simply logging user login times for auditing. So the primary purpose is to identify attacks and intrusions and raise alarms.

