Systems Security Certified Practitioner – SSCP – Question0455

Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?

A.
signature-based IDS and statistical anomaly-based IDS, respectively
B. signature-based IDS and dynamic anomaly-based IDS, respectively
C. anomaly-based IDS and statistical-based IDS, respectively
D. signature-based IDS and motion anomaly-based IDS, respectively.

Correct Answer: A

Explanation:

The two current conceptual approaches to Intrusion Detection methodology are knowledge-based ID systems and behavior-based ID systems, sometimes referred to as signature-based ID and statistical anomaly-based ID, respectively. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 63.