Which of the following is true of signature-based IDSes? A. They alert administrators to deviations from “normal” traffic behavior B. They identify previously unknown attacks C. The technology is mature and reliable enough to use on production networks D. They scan network traffic or packets to identify matches with attack-definition files Answer Workspace Report Discuss Answer with explanation Answer: Option D Explanation They are constantly updated with attack-definition files (signatures) that describe each type of known malicious activity. They then scan network traffic for packets that match the signatures, and then raise alerts to security administrators. Workspace
Discuss about the question