Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 33
What is the difference between rule-based detection and behavioral detection?
Answer options
- A. Rule-Based detection is searching for patterns linked to specific types of attacks, while behavioral is identifying per signature.
- B. Rule-Based systems have established patterns that do not change with new data, while behavioral changes.
- C. Behavioral systems are predefined patterns from hundreds of users, while Rule-Based only flags potentially abnormal patterns using signatures.
- D. Behavioral systems find sequences that match a particular attack signature, while Rule-Based identifies potential attacks.
Correct answer: B
Explanation
The correct answer is B: rule-based systems rely on static patterns that keep their defined criteria and do not adapt to new data, while behavioral detection changes with new data. The other options describe each detection type incorrectly, mixing up the roles of rule-based and behavioral systems.