Final answer:
The true statement for a host-based intrusion detection system (HIDS) is that it monitors a single system. A HIDS focuses on activities within one computing system, not the entire network, which makes statement B correct.
Step-by-step explanation:
The answer to the question about which statement is true for a host-based intrusion detection system (HIDS) is: B. It monitors a single system. A HIDS is designed to monitor and analyze the internals of a computing system rather than looking at network traffic. It usually examines system calls, application logs, file-system modifications (such as rootkit installations and other malicious changes), and other host activities. Therefore, it is specific to one host, not the entire network. A network-based IDS (NIDS), on the other hand, monitors network traffic.
HIDS is not invisible to attackers. Skilled attackers may be able to detect and disable HIDS. Additionally, a HIDS can detect malicious code if it is designed to look for and identify such activities, which refutes option D.