COMPUTER FUNDAMENTALS

COMPUTER NETWORKS AND COMMUNICATIONS

NETWORK SECURITY AND CYBERSECURITY

Question
Checks and identifies threats based on normal expected network behaviors.
A. Honey pot
B. Distributed intrusion detection system (DIDS)
C. Anomaly based
D. Signature based
Explanation: 

Detailed explanation-1: Behavioral-based detection differs from anomaly-based detection. Behavioral-based detection records expected patterns concerning the entity being monitored (e.g., user logins). Anomaly-based detection prescribes the baseline for expected patterns based on its observation of what normal looks like.

Detailed explanation-2: Anomalous data can indicate critical incidents. In the context of cyber threat intelligence, anomaly detection involves identifying potential malicious activities such as intrusion attacks, password spraying attacks, and data exfiltration, among others.

Detailed explanation-3: Anomaly-based IDSes typically work by taking a baseline of the normal traffic and activity taking place on the network. They can measure the present state of traffic on the network against this baseline in order to detect patterns that are not normally present in the traffic.

Detailed explanation-4: There are three main classes of anomaly detection techniques: unsupervised, semi-supervised, and supervised.
