Which of the following are used in an attack detected by an IDS?

A.
An event-based ID or a statistical anomaly-based ID

B.
A discrete anomaly-based ID or a signature-based ID

C.
A signature-based ID or a statistical anomaly-based ID

D.
A signature-based ID or an event-based ID

Explanation:
An IDS detects an attack through a signature-based ID or a statisticalanomaly-based ID. Signature-based IDS are the most popular IDS products today, andtheir effectiveness depends upon regularly updating the software with newsignatures, as with antivirus software. A statistical anomaly-based IDS is abehavioral-based system. Behavioral-based IDS products do not use predefinedPage 7cess trol-P5.txtsignatures, but rather are put in a learning mode to build a profile of anenvironment’s "normal" activities.