nerdexam
Mile2_Security

MK0-201 · Question #243

MK0-201 Question #243: Real Exam Question with Answer & Explanation

The correct answer is C. Compares traffic to RFC standards and reports deviations. See the full explanation below for the reasoning.

Question

Intrusion Detection Systems have multiple ways to decode the information. Which of the following definitions would best describe Protocol Anomaly Detection within an Intrusion Detection System (IDS) engine?

Options

  • AInterprets the attack as the victim would for greater accuracy
  • BIdentifies attacks that are based on condition, not patterns
  • CCompares traffic to RFC standards and reports deviations
  • DIdentifies traffic that breaks policy or is not normal for network

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full MK0-201 Practice