nerdexam
ExamsSSCPQuestions#351
(ISC)2(ISC)2

SSCP · Question #351

SSCP Question #351: Real Exam Question with Answer & Explanation

Sign in or unlock SSCP to reveal the answer and full explanation for question #351. The question stem and answer options stay visible for context.

Submitted by dimitri_ru· Apr 18, 2026Security Operations and Administration

Question

Which of the following best describes signature-based detection?

Options

  • ACompare source code, looking for events or sets of events that could cause damage to a
  • BCompare system activity for the behaviour patterns of new attacks.
  • CCompare system activity, looking for events or sets of events that match a predefined
  • DCompare network nodes looking for objects or sets of objects that match a predefined

Unlock SSCP to see the answer

You've previewed enough free SSCP questions. Unlock SSCP for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock SSCP - $49.99 / 30 daysSign in

Topics

#Signature-based detection#Intrusion Detection#Threat Detection#Security Monitoring
Full SSCP PracticeBrowse All SSCP Questions