Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 227

What is a comparison between rule-based and statistical detection?

Answer options

• A. Statistical is based on measured data while rule-based uses the evaluated probability approach.
• B. Statistical uses the probability approach while rule-based is based on measured data.
• C. Rule-based is based on assumptions and statistical uses data known beforehand.
• D. Rule-based uses data known beforehand and statistical is based on assumptions.

Correct answer: D

Explanation

The correct answer, D, accurately describes rule-based detection as relying on pre-existing data while statistical detection is based on assumptions rather than specific known data. Option A incorrectly states the basis of each method, while B also misrepresents the principles behind both approaches. Option C correctly identifies the foundations of each but does not capture the comparison accurately.