What is a disadvantage of a pattern-based detection mechanism?
- The normal network traffic pattern must be profiled first.
- It cannot detect unknown attacks.
- It is difficult to deploy in a large network.
- Its configuration is complex.
Explanation: An IDS/IPS with pattern-based detection, also known as signature-based detection, compares network traffic to a database of known attacks (signature files) and triggers an alarm or prevents communication if a match is found. Because the signatures must be created first, this type of intrusion detection cannot detect unknown attacks. It is easy to configure and to deploy, and its operation does not depend on knowledge of normal network behavior (a baseline).
Exam with this question: CCNA Security Chapter 5 Exam Answers
Exam with this question: CCNA Security Chapter 5 Exam (CCNAS v1.2)