1. Which of the following is an advantage of anomaly-based detection?
a. Rules are easy to define
b. The data it produces can be easily analyzed
c. It can detect “zero-day” or previously unknown attacks
d. Malicious activity that falls within normal usage patterns is detected
e. Rules developed at one site can be shared with many other users
2. Most commercial NIDS tools generate alerts based on signatures at the network layer and what other OSI model layer?
a. Application layer
b. Presentation layer
c. Data-link layer
d. Transport layer
e. Session layer
These multiple-choice questions belong to Computer Science. They cover the advantages of anomaly-based detection and the OSI layers at which commercial NIDS tools generate signature-based alerts.