Which characteristic is true for NIDS?

Network Intrusion Detection Systems (NIDS) are specifically designed to monitor and analyze network traffic for signs of malicious activity or policy violations. They are placed at strategic points in a network to observe traffic flowing between network devices. This capability allows them to detect attacks that originate from the network, such as denial-of-service attacks, port scans, and various types of unauthorized access attempts. By analyzing packets and traffic patterns, a NIDS can identify suspicious behaviors and generate alerts for potential threats, making "can detect network-based attacks" an accurate characteristic of NIDS.

In contrast to what a NIDS does, monitoring individual host systems is a role of Host-Based Intrusion Detection Systems (HIDS). NIDS does not typically encrypt monitored traffic; its main focus is on detection rather than prevention or encryption. Additionally, while a NIDS can operate as a standalone device, it often relies on software for updates and functionality enhancements, contrary to the idea of functioning completely without any software support. Therefore, the ability to detect network-based attacks is the defining feature of NIDS.