An IPS sensor has detected the string confidential across multiple packets in a TCP session. Which type of signature trigger and signature type does this describe?
- Trigger: Policy-based detection
Type: Atomic signature - Trigger: Policy-based detection
Type: Composite signature - Trigger: Anomaly-based detection
Type: Atomic signature - Trigger: Anomaly-based detection
Type: Composite signature - Trigger: Pattern-based detection
Type: Atomic signature - Trigger: Pattern-based detection
Type: Composite signature*
Explanation: Pattern-based detection (also called signature-based detection) searches for a specific pattern that can be textual, binary, or a series of function calls. It can be detected in a single packet (atomic) or in a packet sequence (composite).
Exam with this question: CCNA Security Chapter 5 Exam Answers
Exam with this question: CCNA Security Chapter 5 Exam (CCNAS v1.2)
Please login or Register to submit your answer