[Cisspstudy] Question on IDS
Mark Price
prinext at gmail.com
Fri Jan 15 23:06:52 EST 2010
I went with "A". Because the question is based on something you have already or tangible evidence. Signature "file" is tangible and or Passive or Learning mode "file" is as well. Once the file is created it cannot learn any more...At best add or ad mend to it. Besides IDS is matching traffic to a particular type of activity and then responds if need be.
I hope this helps.
V/r,
Mark Price
PRINEXT
c:240-743-7654
mprice at prinext.com
www.prinext.com
-----Original Message-----
From: Saurabh Bhargava <catchbhargava at yahoo.com>
Date: Fri, 15 Jan 2010 16:52:29
To: The CISSP Study Mailing list<cisspstudy at cccure.org>
Subject: [Cisspstudy] Question on IDS
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
More information about the cisspstudy
mailing list