What is a difference between signature-based and behavior-based detection?
A. Signature-based identifies behaviors that may be linked to attacks, while behavior-based has a predefined set of rules to match before an alert.
B. Behavior-based identifies behaviors that may be linked to attacks, while signature-based has a predefined set of rules to match before an alert.
C. Behavior-based uses a known vulnerability database, while signature-based intelligently summarizes existing data.
D. Signature-based uses a known vulnerability database, while behavior-based intelligently summarizes existing data.
B is correct!
Check that link which is indicated above, there is written:
– behavior-based IDS solutions monitor behaviors that may be linked to attacks, (this sentence is copied word-by-word from that link)
– A signature-based IDS solution typically monitors inbound network traffic to find sequences and patterns that match a particular attack signature. (is pretty close to the second half of the answer)