Describe two advantages and two disadvantages of a signature-based system.

What will be an ideal response?

Advantages:

This approach makes use of signatures of well-known attacks.

This IDPS can begin working immediately after installation.

This IDPS is easy to understand and less difficult to configure than an anomaly-based system.

Each signature in the database is assigned a number and name so that the administrator can specify which attacks should set off an alarm.

Disadvantages:

The database of signatures must be updated to maintain the IDPS's effectiveness.

New types of attacks might not be included in the database.

By making minor alterations to an attack, attackers can avoid matching a signature in the database.

Because a misuse-based system requires a database, extensive disk storage space might be needed.

Computer Science & Information Technology

You might also like to view...

A variable's name should be a(n) ____ that describes the value it stores.

A. verb B. adjective C. adverb D. noun

View

Computer Science & Information Technology

What is the decimal equivalent to the hexadecimal number D?

A. 13 B. 15 C. 12 D. 10

View

Computer Science & Information Technology