Contrast anomaly detection with signature detection.

What will be an ideal response?


An anomaly detection system makes use of profiles that describe the services and resources each authorized user or group normally accesses on the network. Network baselines are also associated with profiles. Once these profiles are in place, the system can monitor users and groups for suspicious activity (anomalies) that does not fit the profiles.

In contrast to anomaly-based detection, which triggers alarms based on deviations from normal network behavior, signature detection triggers alarms based on characteristic signatures of known external attacks. You might decide to use signature detection if you have the time and ability (and perhaps the software) to analyze the large amount of log file data this system generates.

Computer Science & Information Technology
