ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCCET All Questions

View all questions & answers for the PCCET exam
Go to Exam

Exam PCCET topic 1 question 112 discussion

Actual exam question from Palo Alto Networks's PCCET
Question #: 112
Topic #: 1
[All PCCET Questions]

Which classification of IDS/IPS uses a database of known vulnerabilities and attack profiles to identify intrusion attempts?

  • A. Statistical-based
  • B. Knowledge-based
  • C. Behavior-based
  • D. Anomaly-based
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by blahblah1234567890000 at Sept. 4, 2022, 7:44 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
blahblah1234567890000
8 months ago
Selected Answer: B
A knowledge-based system uses a database of known vulnerabilities and attack profiles to identify intrusion attempts. These types of systems have lower false-alarm rates than behavior-based systems but must be continually updated with new attack signatures to be effective. ● A behavior-based system uses a baseline of normal network activity to identify unusual patterns or levels of network activity that may be indicative of an intrusion attempt. These types of systems are more adaptive than knowledge-based systems and therefore may be more effective in detecting previously unknown vulnerabilities and attacks, but they have a much higher false-positive rate than knowledge-based systems.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago