Which statement describes the anomaly-based intrusion detection approach?

IT Questions BankCategory: CCNA CyberOpsWhich statement describes the anomaly-based intrusion detection approach?
Which statement describes the anomaly-based intrusion detection approach? 1Administrator Staff asked 4 months ago
Which statement describes the anomaly-based intrusion detection approach?

  • It compares the antivirus definition file to a cloud based repository for latest updates.
  • It compares the behavior of a host to an established baseline to identify potential intrusions.
  • It compares the signatures of incoming traffic to a known intrusion database.
  • It compares the operations of a host against a well-defined security policy.

Explanation: With an anomaly-based intrusion detection approach, a baseline of host behaviors is established first. The host behavior is checked against the baseline to detect significant deviations, which might indicate potential intrusions.

More Questions: CyberOps Associate (Version 1.0) – CyberOps Associate 1.0 Practice Final exam
More Questions: CCNA Cyber Ops Chapter 10 Exam Answers


Related Articles