Knowledge-based Intrusion Detection Systems (IDS) are more common than:

A.
Network-based IDS

B.
Host-based IDS

C.
Behavior-based IDS

D.
Application-Based IDS

Explanation:
An IDS can detect malicious behavior using two common methods. One way is to use knowledge-based
detection which is more frequently used. The second detection type is behavior-based detection.
Incorrect Answers:
A: A Network-based IDS is not a type of Knowledge-based Intrusion Detection System.
B: A host-based IDS is not a type of Knowledge-based Intrusion Detection System.
D: An application-based IDS is not a type of Knowledge-based Intrusion Detection System.

Stewart, James M., Ed Tittel, and Mike Chapple, CISSP: Certified Information Systems Security Professional
Study Guide, 5th Edition, Sybex, Indianapolis, 2011, p. 56