Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
A- True
B- False

Behavior-based monitoring is proactive because it aims to monitor deviant behaviors in order to catch patterns regarding them. It aims to anticipate a future crisis, acting before it occurs.

Anomaly and signature-based monitoring have limitations because they are more reactive, meaning it centers on reacting to the past, not focusing much on the future.

Answer Link

fichoh fichoh · Answer 2 · 2020-03-15T10:54:56+01:00

Answer: A. True

Explanation: Both signature-based and anomaly-based monitoring systems are considered as being reactive based on the fact that, In signature-based monitoring, threat and attacks can only be detected or monitored based on previous threat patterns, meaning tm attacks with a new pattern or signature will go undetected. For the anomaly-based monitoring, it contains a set of rules regarded as norm and flags any process which deviates as a threat.

However, the behavior based monitoring is more adaptive and proactive, it looks at evidence rather than a static or previously established signature which a uses a reactive approach.

Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive. A- True B- False

Respuesta :

Otras preguntas

Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
A- True
B- False