baseline Flashcards
1
Q
baseline patterns
A
Signature-based
monitoring
Network traffic is analyzed for predetermined attack patterns.
These attack patterns are known as signatures.
Anomaly-based
monitoring
Establishes a performance baseline based on a set of normal network
traffic evaluations.
Requires a baseline.
Behavior-based
monitoring
Looks at the previous behavior of applications, executables, and/or the
operating system and compares that to current activity on the system.
If an application later behaves improperly, the monitoring system will
attempt to stop the behavior.
Requires a baseline.
