Mile2_Security
ML0-320 · Question #125
ML0-320 Question #125: Real Exam Question with Answer & Explanation
Sign in or unlock ML0-320 to reveal the answer and full explanation for question #125. The question stem and answer options stay visible for context.
Question
Intrusion Detection Systems have multiple ways to decode the information. Which of the following definitions would best describe Protocol Anomaly Detection within an Intrusion Detection System (IDS) engine?
Options
- AInterprets the attack as the victim would for greater accuracy
- BIdentifies attacks that are based on condition, not patterns
- CCompares traffic to RFC standards and reports deviations
- DIdentifies traffic that breaks policy or is not normal for network
Unlock ML0-320 to see the answer
You've previewed enough free ML0-320 questions. Unlock ML0-320 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.