
DEA-1TT5 Question #45: Real Exam Question with Answer & Explanation

The correct answer is C. Signature-based.

Question

A company is using an intrusion detection and prevention system (IDPS) to scan and analyze intrusion events. Which IDPS technique uses a database that contains known attack patterns?

Options

  • A. Role-based
  • B. Profile-based
  • C. Signature-based
  • D. Anomaly-based

Explanation

Signature-based IDPS systems use a database of known attack signatures to detect malicious activity. These signatures are typically based on patterns of network traffic that are associated with specific attacks. When the IDPS detects a signature in the network traffic, it alerts the Signature-based IDPS systems are effective at detecting known attacks, but they are not as effective at detecting new or unknown attacks. This is because the database of signatures needs to be updated regularly with new attack signatures.
