SSCP Question #364: Real Exam Question with Answer & Explanation
Question
Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?
Options
- A. signature-based IDS and statistical anomaly-based IDS, respectively
- B. signature-based IDS and dynamic anomaly-based IDS, respectively
- C. anomaly-based IDS and statistical-based IDS, respectively
- D. signature-based IDS and motion anomaly-based IDS, respectively
Explanation
Knowledge-based IDS is synonymous with signature-based IDS - both rely on a database of known attack patterns. Behavior-based IDS is synonymous with statistical anomaly-based IDS - both establish a baseline of normal activity and flag statistically significant deviations. The pairing in choice A correctly maps both terms. The other choices either use invented terms ('dynamic anomaly-based', 'motion anomaly-based') or swap the mapping incorrectly.