COMPUTER NETWORKS AND COMMUNICATIONS
NETWORK SECURITY AND CYBERSECURITY
Question
[CLICK ON ANY CHOICE TO KNOW THE RIGHT ANSWER]
|
|
True
|
|
False
|
|
Either A or B
|
|
None of the above
|
Detailed explanation-1: -Which is true of a signature-based IDS? It cannot work with an IPS. It only identifies on known signatures.
Detailed explanation-2: -Explanation. Snort is a signature-based intrusion detection system. Snort is an open source network intrusion prevention and detection system that operates as a network sniffer.
Detailed explanation-3: -One of the biggest limitations of signature-based IDS solutions is their inability to detect unknown attacks. Malicious actors can simply modify their attack sequences within malware and other types of attacks to avoid being detected.
Detailed explanation-4: -However, signature-based NIDS also have some limitations. They cannot detect new or unknown attacks, which may not have a signature yet. They also generate false positives, which are alerts that are not related to actual attacks, but to legitimate network traffic or activities.