Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam ECSS Topic 5 Question 94 Discussion

Actual exam question for Eccouncil's ECSS exam
Question #: 94
Topic #: 5
[All ECSS Questions]

Messy, a network defender, was hired to secure an organization's internal network. He deployed an IDS in which the detection process depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it.

Identify the type of IDS employed by Messy in the above scenario.

Show Suggested Answer Hide Answer
Suggested Answer: B

by Ricarda at Sep 18, 2024, 10:06 PM

Limited Time Offer

25%

Off

Get Premium ECSS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Rene
5 days ago
I think the answer is B) Anomaly-based. The scenario describes an IDS that compares observed events with normal behavior to detect deviations, which is the hallmark of an anomaly-based IDS.
upvoted 0 times
...
Adelle
8 days ago
I agree with Mireya, signature-based makes more sense in this scenario as it detects deviations from known patterns.
upvoted 0 times
...
Mireya
11 days ago
I disagree, I believe it is signature-based because it compares observed events with known patterns.
upvoted 0 times
...
Roy
12 days ago
I think the type of IDS employed by Messy is anomaly-based.
upvoted 0 times
...

Save Cancel