What kind of detection technique is used by antivirus software that identifies malware by collecting data from multiple protected systems and, instead of analyzing files locally, performs the analysis in the provider's environment?
The correct answer is Cloud-based.
Cloud-based detection identifies malware by collecting data from protected computers while analyzing it on the provider's infrastructure, instead of performing the analysis locally.
https://zeltser.com/how-antivirus-software-works/
Cloud-based. Antivirus software leverages the power of cloud computing and centralized analysis to identify malware. Instead of analyzing files locally on individual systems, the files are sent to the provider's cloud environment for analysis.
Answer: D
Cloud-based detection techniques in antivirus software involve collecting data from multiple protected systems and analyzing it in the provider's environment instead of locally on individual systems. This approach enables rapid response to new malware threats and reduces the computational overhead on local machines. By leveraging the power of cloud infrastructure, antivirus providers can analyze large volumes of data and deploy updates to their users more efficiently.
Not done locally; instead, it is done in the provider's environment. This points to a Cloud-based IDS/IPS. Heuristic is still done locally; it is just behavioral-based.
Hm. Poor question... IDPS is all a blur nowadays... AI + ML yadda, so I wouldn't get hung up on heuristics etc. Best guess: the only clear part of this question as I read it is WHERE is the analysis taking place? = the vendor's (provider environment), like say Palo Alto etc. (which might have been exotic when this question was written)
A
tcptrace is a free and open-source tool for analyzing TCP dump files.[1][2][3] It accepts as input files produced by packet-capture programs, including tcpdump, Wireshark, and snoop.
tcptrace can produce several different types of output containing information on each connection seen, such as elapsed time, bytes and segments sent and received, retransmissions, round trip times, window advertisements, and throughput. It can also produce graphs for further analysis. As of version 5, minimal UDP processing has been implemented in addition to the TCP capabilities.
https://en.wikipedia.org/wiki/Tcptrace