Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Which one is NOT considered an anomaly-based intrusion protection system?
Traffic anomaly-based
Statistical anomaly-based
Protocol anomaly-based
Temporal anomaly-based
Rule-based IDS is commonly associated with Expert Systems. Traffic anomaly-based IDS detects changes in traffic patterns (e.g. a DoS attack). Protocol-based IDS is associated with identification of anomalies on the usage of a particular protocol. Statistical anomaly-based IDS focuses on identifying via behavioral methods anomalies on an environment's "normal" activities.
**** Excuse me, if one skims through the paper at https://link.springer.com/chapter/10.1007/978-3-319-10172-9_15, it would seem that "temporal anomaly-based" intrusion detection is nothing more than Bayesian driven (statistical inference) intrusion detection, so why is it not considered an anomaly-based intrusion detection system? ****
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.