Which of the following is an advantage of anomaly detection?(a) Rules are easy to define(b) Custom protocols can be easily analyzed(c) The engine can scale as the rule set grows(d) Malicious activity that falls within normal usage patterns is detectedI had been asked this question during an interview for a job.My question is from Intrusion Detection Systems topic in portion Point to Point Protocol & Error Detection of Computer Network

Which of the following is an advantage of anomaly detection?(a) Rules

1.	Which of the following is an advantage of anomaly detection?(a) Rules are easy to define(b) Custom protocols can be easily analyzed(c) The engine can scale as the rule set grows(d) Malicious activity that falls within normal usage patterns is detectedI had been asked this question during an interview for a job.My question is from Intrusion Detection Systems topic in portion Point to Point Protocol & Error Detection of Computer Network
Answer» RIGHT choice is (c) The engine can SCALE as the RULE set grows The explanation is: Once a protocol has been built and a behavior defined, the engine can scale more QUICKLY and easily than the signature-based model because a NEW signature does not have to be created for every attack and potential variant.

Discussion

No Comment Found

Related InterviewSolutions

In EIGRP best path is known as the successor, where as backup path is known as __________(a) Feasible successor(b) Back-up route(c) Default route(d) There is no backup route in EIGRPThis question was addressed to me during an interview for a job.My enquiry is from EIGRP topic in section Point to Point Protocol & Error Detection of Computer Network
EIGRP uses the ____________ algorithm for finding shortest path.(a) SPF(b) DUAL(c) Linkstat(d) Djikstra’sThe question was asked in an interview.This interesting question is from EIGRP topic in portion Point to Point Protocol & Error Detection of Computer Network
Administrative distance for external EIGRP route is _______(a) 90(b) 170(c) 110(d) 100This question was posed to me in an interview.Origin of the question is EIGRP topic in chapter Point to Point Protocol & Error Detection of Computer Network
For default gateway, which of following commands will you use on a Cisco router?(a) IP default network(b) IP default gateway(c) IP default route(d) Default networkThe question was asked in an internship interview.My question is from EIGRP in division Point to Point Protocol & Error Detection of Computer Network
The EIGRP metric values include:(a) Delay(b) Bandwidth(c) MTU(d) All of the mentionedThis question was addressed to me during an online exam.Query is from EIGRP topic in section Point to Point Protocol & Error Detection of Computer Network
Administrative distance for internal EIGRP is ______(a) 90(b) 170(c) 110(d) 91I have been asked this question in unit test.This intriguing question comes from EIGRP in section Point to Point Protocol & Error Detection of Computer Network
EIGRP sends a hello message after every ___________ seconds.(a) 5 seconds (LAN), 60 seconds (WAN)(b) 5 seconds (LAN), 5 seconds (WAN)(c) 15s(d) 180sThe question was asked in a job interview.This intriguing question originated from EIGRP topic in division Point to Point Protocol & Error Detection of Computer Network
EIGRP can support ____________(a) VLSM/subnetting(b) Auto summary(c) Unequal cast load balancing(d) All of the mentionedThe question was posed to me during a job interview.This is a very interesting question from EIGRP in division Point to Point Protocol & Error Detection of Computer Network
EIGRP metric is ________(a) K-values(b) Bandwidth only(c) Hop Count(d) Delay onlyThis question was addressed to me during an interview.This interesting question is from EIGRP in division Point to Point Protocol & Error Detection of Computer Network
EIGRP is a routing protocol design by Cisco.(a) True(b) FalseI had been asked this question in quiz.My question is based upon EIGRP in division Point to Point Protocol & Error Detection of Computer Network

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment