Which IPS detection method examines network traffic for preconfigured patterns?

– by 1

Which IPS detection method examines network traffic for preconfigured patterns?
A. Signature-based detection
B. Policy-based detection
C. Anomaly-based detection
D. Honey-pot detection

cisco-exams

One thought on “Which IPS detection method examines network traffic for preconfigured patterns?

  1. Signature-based detection: Signature-based IDS monitors packets in the Network and compares with pre-configured and pre-determined attack patterns known as signatures.
    Statistical anomaly-based detection: An IDS which is anomaly-based will monitor network traffic and compare it against an established baseline. The baseline will identify what is “normal” for that network – what sort of bandwidth is generally used and what protocols are used. It may however, raise a False Positive alarm for legitimate use of bandwidth if the baselines are not intelligently configured.[26]
    Stateful protocol analysis detection: This method identifies deviations of protocol states by comparing observed events with “pre-determined profiles of generally accepted definitions of benign activity”.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.