Chapter 4 Quiz

Question

Explain the 3 types of models a good Intrusion Detection System (IDS) uses to detect unauthorized intrusions?

Answer

  1. Anomaly-based systems learn what's “ normal” for a given network environment, so they can quickly detect the “abnormal”

  2. Signature-based systems look for slight variations, or signatures, of suspicious network activity

  3. Hybrid detection systems are currently in development which compensate for weaknesses of both anomaly and signature-base system by combininig the best of both

Topic revision: r2 - 2014-04-02 - JimSkon
 
This site is powered by the TWiki collaboration platformCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback