Which of the following isnot a characteristic of this type of security mechanism?

A rule-based IDS is a newer and more sophisticated IDS. Which of the following isnot a characteristic of this type of security mechanism?

A rule-based IDS is a newer and more sophisticated IDS. Which of the following isnot a characteristic of this type of security mechanism?

A.
Usually based on an expert system, with a knowledge base, inference engine, andrule-based programming

B.
Allows for complex rules and situations to be laid out to define attackscenarios in a granular approach

C.
Works with if/then scenarios

D.
Knowledge is represented as data and facts are used to analyze the data

Explanation:
Rule-based IDS is commonly associated with the use of an expertsystem. An expert system is made up of a knowledge base, inference engine, andrule-based programming. Knowledge is represented as rules and the data that is to beanalyzed is referred to as facts. The knowledge of the system is written inrule-based programming (IF situation THEN action). These rules are applied to thefacts, the data that comes in from a sensor or a system that is being monitored.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


mamcneil

mamcneil

Thank you ITIL for helping me know how knowledge and data interplay with each other.