212-82 Question #2: Real Exam Question with Answer & Explanation
The correct answer is C: Anomaly detection.
Question
Rhett, a security professional at an organization, was instructed to deploy an IDS solution on their corporate network to defend against evolving threats. For this purpose, Rhett selected an IDS solution that first creates models for possible intrusions and then compares these models with incoming events to make detection decisions. Identify the detection method employed by the IDS solution in the above scenario.
Options
- A. Not-use detection
- B. Protocol anomaly detection
- C. Anomaly detection
- D. Signature recognition
Explanation
Anomaly detection is a type of IDS detection method that involves first creating models for possible intrusions and then comparing these models with incoming events to make a detection decision. It can detect unknown or zero-day attacks by looking for deviations from normal or expected behavior.