header bg


Which type of IDS is in place in the case that an IDS installed on the network perimeter sees a spike in traffic during off-duty hours and begins logging and alerting?

A Anomaly based

IDSs might be based on signatures or anomalies. Over time, anomaly-based systems establish a baseline of usual traffic patterns, and anything that deviates from the baseline is flagged.