200-201 Question #379: Real Exam Question with Answer & Explanation
The correct answer is A: Rule-based systems have predefined patterns, and behavioral systems learn the patterns that are.
Question
How does rule-based detection differ from behavioral detection?
Options
- A. Rule-based systems have predefined patterns, and behavioral systems learn the patterns that are
- B. Rule-based systems search for patterns linked to specific types of attacks, and behavioral
- C. Behavioral systems have patterns are for complex environments, and rule-based systems can be
- D. Behavioral systems find sequences that match particular attack behaviors, and rule-based
Explanation
Rule-based detection systems operate using predefined patterns and signatures to identify known threats. These patterns are based on prior knowledge of attack methods and vulnerabilities. Behavioral detection systems, on the other hand, analyze the normal behavior of a network or system to establish a baseline. They then monitor for deviations from this baseline, which may indicate potential threats. Rule-based systems are effective at detecting known threats but may struggle with novel or zero-day attacks that do not match existing signatures. Behavioral systems can detect unknown threats by recognizing abnormal activities, making them useful in identifying zero-day exploits and other sophisticated attacks.