Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?
A. Cannot deal with encrypted network traffic
B. Requires vendor updates for new threats
C. Can identify unknown attacks
D. Produces less false positives
A. Cannot deal with encrypted network traffic
B. Requires vendor updates for new threats
C. Can identify unknown attacks
D. Produces less false positives