The most common form of alarm is:
Alarms and notifications are generated by IDSs to inform users when attacks are detected. The most
common form of alarm is:
Which of the following is a valid tool that complements IDSs?
Which of the following is a valid tool that complements IDSs?
which of the following?
A problem with a network-based ID system is that it will not detect attacks against a host made by
an intruder who is logged in at which of the following?
This method is called:
When the IDS detect attackers, the attackers are seamlessly transferred to a special host. This
method is called:
Which of the following is a weakness of both statistical anomaly detection and pattern matching?
Which of the following is a weakness of both statistical anomaly detection and pattern matching?
which of the following?
The two most common implementations of Intrusion Detection are which of the following?
What are the primary approaches IDS takes to analyze events to detect attacks?
What are the primary approaches IDS takes to analyze events to detect attacks?
The patterns corresponding to know attacks are called:
Misuse detectors analyze system activity and identify patterns. The patterns corresponding to know
attacks are called:
Which of the following is an obvious disadvantage of deploying misuse detectors?
Which of the following is an obvious disadvantage of deploying misuse detectors?
What detectors identify abnormal unusual behavior on a host or network?
What detectors identify abnormal unusual behavior on a host or network?