Describe two advantages and two disadvantages of a signature-based system.
What will be an ideal response?
Advantages:
This approach makes use of signatures of well-known attacks.
This IDPS can begin working immediately after installation.
This IDPS is easy to understand and less difficult to configure than an anomaly-based system.
Each signature in the database is assigned a number and name so that the administrator can specify which attacks should set off an alarm.
Disadvantages:
The database of signatures must be updated to maintain the IDPS's effectiveness.
New types of attacks might not be included in the database.
By making minor alterations to an attack, attackers can avoid matching a signature in the database.
Because a misuse-based system requires a database, extensive disk storage space might be needed.
You might also like to view...
A network cannot function without a server.
Answer the following statement true (T) or false (F)
Freddie is working on a database that stores inventory information. His boss has asked him to print a report for review by auditors. Freddie wants to make sure the report prints correctly. He should view the report using ________ before printing the report
Fill in the blank(s) with correct word
Which of the following is NOT included in the styles window as a particular type of style?
A) chart style B) paragraph style C) linked style D) character style
All of the following statements are true about the OSI model EXCEPT ____________.
A. The OSI model encourages modular design in networking. B. Each protocol needs to understand all of the protocols handling all the other layers. C. The OSI model provides a common jargon to describe the function of any network protocol. D. Each layer of the OSI model addresses an essential network task.