What is a difference between signature-based and behavior-based detection?

– by 0

What is a difference between signature-based and behavior-based detection?
A. Signature-based identifies behaviors that may be linked to attacks, while behavior-based has a predefined set of rules to match before an alert.
B. Behavior-based identifies behaviors that may be linked to attacks, while signature-based has a predefined set of rules to match before an alert.
C. Behavior-based uses a known vulnerability database, while signature-based intelligently summarizes existing data.
D. Signature-based uses a known vulnerability database, while behavior-based intelligently summarizes existing data.

cisco-exams

0 thoughts on “What is a difference between signature-based and behavior-based detection?

  1. B is correct!
    Check that link which is indicated above, there is written:
    – behavior-based IDS solutions monitor behaviors that may be linked to attacks, (this sentence is copied word-by-word from that link)
    – A signature-based IDS solution typically monitors inbound network traffic to find sequences and patterns that match a particular attack signature. (is pretty close to the second half of the answer)

    3
    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.