Which IDS/IPS signature alarm will look for packets that are destined to or from a particular port?

IT Questions BankCategory: CCNA SecurityWhich IDS/IPS signature alarm will look for packets that are destined to or from a particular port?
Which IDS/IPS signature alarm will look for packets that are destined to or from a particular port? 1ITExamAnswers Staff asked 4 months ago

Which IDS/IPS signature alarm will look for packets that are destined to or from a particular port?

  • honey pot-based
  • anomaly-based
  • signature-based
  • policy-based

Explanation: Cisco IDS and IPS sensors can use four types of signature alarms or triggers:

Pattern-based detection – also known as signature-based detection, searches for a specific and pre-defined pattern. In most cases, the pattern is matched to the signature only if the suspect packet is associated with a particular service or destined to or from particular ports.
Anomaly-based detection – also known as profile-based detection, involves first defining a profile of what is considered normal for the network or host. After defining normal activity, the signature triggers an action if excessive activity occurs beyond a specified threshold that is not included in the normal profile.
Policy-based detection – also known as behavior-based detection, is similar to pattern-based detection, but instead of trying to define specific patterns, the administrator defines behaviors that are suspicious based on historical analysis.
Honey pot-based detection – uses a dummy server to attract attacks.

More Questions: CCNA Security Final Exam Answers
More Questions: CCNA Security Pretest Exam Answers


Related Articles

guest
0 Comments
Inline Feedbacks
View all comments