What detectors identify abnormal unusual behavior on a host or network?

A.
None of the choices.

B.
Legitimate detectors.

C.
Anomaly detectors.

D.
Normal detectors.

Explanation:
Anomaly detectors identify abnormal unusual behavior (anomalies) on a host or network. They
function on the assumption that attacks are different from “normal” (legitimate) activity and can
therefore be detected by systems that identify these differences. Anomaly detectors construct
profiles representing normal behavior of users, hosts, or network connections. These profiles are
constructed from historical data collected over a period of normal operation. The detectors then
collect event data and use a variety of measures to determine when monitored activity deviates
from the norm.