CSA is a behavior-based intrusion prevention system and creates significantly fewer false
negatives than NIDS.
A.
An actively infected system is disinfected of the worm.
B.
Infected machines are identified, contained, and blocked.
C.
All uninfected systems are patched with the appropriate vendor patch for the vulnerability.
D.
The spread of a worm infection is limited to areas of the network that are already affected.