
Palo Alto Networks Exam PCCET Topic 1 Question 34 Discussion

Actual exam question for Palo Alto Networks's PCCET exam
Question #: 34
Topic #: 1

Which classification of IDS/IPS uses a database of known vulnerabilities and attack profiles to identify intrusion attempts?

Suggested Answer: B

A knowledge-based system uses a database of known vulnerabilities and attack profiles to identify intrusion attempts. These types of systems have lower false-alarm rates than behavior-based systems but must be continually updated with new attack signatures to be effective.

A behavior-based system uses a baseline of normal network activity to identify unusual patterns or levels of network activity that may be indicative of an intrusion attempt. These types of systems are more adaptive than knowledge-based systems and therefore may be more effective in detecting previously unknown vulnerabilities and attacks, but they have a much higher false-positive rate than knowledge-based systems.

