Which of the following is true of signature-based IDSes?

Q: Which of the following is true of signature-based IDSes?

D. They scan network traffic or packets to identify matches with attack-definition files. Explanation: They are constantly updated with attack-definition files (signatures) that describe each type of known malicious activity. They then scan network traffic for packets that match the signatures, and then raise alerts to security administrators.

Question #2603 of 998+ in Computer Networks

📝 Question #2603

Which of the following is true of signature-based IDSes?

⌨️ Press A B C D to select

✓

All Options & Correct Answer

A They alert administrators to deviations from “normal” traffic behavior

B They identify previously unknown attacks

C The technology is mature and reliable enough to use on production networks

D They scan network traffic or packets to identify matches with attack-definition files Correct

📋 Question Details

Subject: Computer Networks
Difficulty: Medium
Year: —
Source: Sanfoundry

WhatsApp Facebook Twitter

📚 Want More?

Practice Computer Networks MCQs

998+ questions with detailed answers

📚 Practice ⚡ Quiz

Which of the following is true of signature-based IDSes?

Which of the following is true of signature-based IDSes?

All Options & Correct Answer

📋 Question Details

📤 Share This MCQ

Practice Computer Networks MCQs