Which of the following are correct characteristics of anomaly-based IDSes?

Which of the following are correct characteristics of anomaly-based IDSes?

i.Pattern matching
ii. Stateful matching
iii. Protocol anomaly-based
iv. Traffic anomaly-based
v.Rule or Heuristic – based

A.
i, ii

B.
i, iii, iv

C.
iii, iv, v

D.
i, ii, iii, iv

Explanation:
The following are characteristics of signature-based versus
behavioral-based IDSes;
– Signature-based
– Pattern matching
– Stateful matching
– Anomaly-based
– Statistical anomaly-based
– Protocol anomaly-based
– Traffic anomaly-based
– Rule or Heuristic – based