Which IPS detection method can you use to detect attacks that based on the attackers IP addresses?
A. Policy-based
B. Anomaly-based
C. Reputation-based
D. Signature-based
Which IPS detection method can you use to detect attacks that based on the attackers IP addresses?
A. Policy-based
B. Anomaly-based
C. Reputation-based
D. Signature-based
C
Reputation-based IPS
collects input from systems all over the planet that are participating in global correlation; so
what other sensors have learned collectively, your local sensor can use locally. Reputationbased
IPS/IDS may include descriptors such as blocks of IP addresses, URLs, DNS domains,
and so on as indicators of the sources for these attacks
From CCNA Sec 210-260
In my opinion the correct answer is C ( Reputation-based). Because exist black list IP a database of that IP reputation.