PracticeQuiz content is free on an ad-supported model.

Unfortunately, we can't support ad blocker usage because of the impact on our servers. If you'd like to continue, please disable your ad blocker and reload page.

Reload page

CompTIA: Advanced Security Practitioner (CASP) Exam Prep

Category - Network

Start a Study Session Sign up for Question of the Day

Which of the following NIDS configurations is based solely on specific network traffic?

Anomaly based
Behavior based
Signature based
Passive IDS

Explanation

Answer: D - A signature based NIDS is solely based on specific network traffic.

Key Takeaway: IDS is primarily focused on evaluating attacks based on attack signatures and audit trails. A signature based intrusion detection system, or IDS, evaluates packets on the network to a database of known attacks for similarities to these known attacks. The issue that can occur with a signature based IDS is the lag time between the exploits being released and the database being updated with the signature. An anomaly or behavior based IDS is one that looks for behaviors different than expected based on the system’s configuration.

Previous Next

Was this helpful? Upvote!

Start a Study Session Sign up for Question of the Day

CompTIA: Advanced Security Practitioner (CASP) Exam Prep

Top questions

Related questions

Most popular on PracticeQuiz

Ad-Blocker not supported

CompTIA: Advanced Security Practitioner (CASP) Exam Prep

Top questions

Related questions

Most popular on PracticeQuiz