Certified Network Defender (CND) — Question 86

Sam wants to implement a network-based IDS and finalizes an IDS solution that works based on pattern matching. Which type of network-based IDS is Sam implementing?

Answer options

• A. Behavior-based IDS
• B. Anomaly-based IDS
• C. Signature-based IDS
• D. Stateful protocol analysis

Correct answer: B

Explanation

The correct answer is C, as a signature-based IDS identifies attacks by comparing traffic patterns to known signatures of malicious behavior. Options A and B refer to behavior-based and anomaly-based IDS respectively, which detect intrusions based on deviations from normal behavior rather than specific patterns. Option D, stateful protocol analysis, involves examining the state of network connections rather than relying on matching patterns.