Which of the following would be the BEST solution for an IDS to monitor known attacks?
A. Host-based
B. Signature-based
C. Network-based
D. Behavior-based
Explanation:
Signature detection involves searching network traffic for a series of bytes or packet sequences
known to be malicious. A key advantage of this detection method is that signatures are easy to
develop and understand if you know what network behavior you’re trying to identify.