Which type of intrusion detection can terminate processes upon detection of a possible intrusion?

The correct answer is that intrusion prevention systems, which fall under the category of active detection. Active detection systems not only monitor for suspicious activity but also respond to threats in real time. When a potential intrusion is detected, these systems have the capability to take immediate action, such as terminating processes, blocking IP addresses, or altering network traffic to prevent the intrusion from succeeding.

This proactive approach is vital in cybersecurity, as it helps mitigate potential damage before a threat can escalate. Active detection is distinguished from passive detection, which merely identifies and reports potential threats without taking any defensive action. Network monitoring systems observe and analyze network traffic but typically lack the ability to take immediate, corrective measures like those found in intrusion prevention systems.