200-201 Question #341: Real Exam Question with Answer & Explanation

The correct answer is B: Statistical uses the probability approach while rule-based is based on measured data.. Rule-Based Detection: Relies on predefined rules or signatures that identify known patterns or characteristics of attacks or threats. It involves a set of explicit rules that detect specific patterns or behaviors within the data. These rules are typically based on known attack pa

Submitted by weili_xi· Mar 6, 2026Security Concepts

Question

What is a comparison between rule-based and statistical detection?

Options

AStatistical is based on measured data while rule-based uses the evaluated probability approach.
BStatistical uses the probability approach while rule-based is based on measured data.
CRule-based is based on assumptions and statistical uses data known beforehand.
DRule-based uses data known beforehand and statistical is based on assumptions.

Explanation

Rule-Based Detection: Relies on predefined rules or signatures that identify known patterns or characteristics of attacks or threats. It involves a set of explicit rules that detect specific patterns or behaviors within the data. These rules are typically based on known attack patterns, signatures, or indicators of compromise (IoCs) and are static in nature. Statistical Detection: Utilizes statistical models or algorithms to analyze patterns in data and identify anomalies or deviations from normal behavior. It involves analyzing data for unusual patterns or deviations from expected behavior based on statistical models, behavioral baselines, or machine learning algorithms.

Topics

#intrusion detection#rule-based detection#statistical detection#anomaly detection

Community Discussion

No community discussion yet for this question.

Full 200-201 Practice Browse All 200-201 Questions