Homework Help is Here – Start Your Trial Now!
Engineering
Cybersecurity
Analysis methodology Will it trap the port-scanning application? Comments Multi-conditional Signature Anomaly Behavioral Unlikely No No Depends Availability No Trend Possibly Heuristic Yes Port scanning usually does not involve looking for more than one condition. The application is new, and no signature of scanning by the port-scanning application has been created. Because the application is new, a baseline has not yet been established. Behavioral scanning could trap the application but only if the action by the application is different from other applications. Scanning would not prevent a network device from properly functioning. The volume of scan events could trigger a response. A response is triggered if any application tries to scan multiple ports.

Analysis methodology Will it trap the port-scanning application? Comments Multi-conditional Signature Anomaly Behavioral Unlikely No No Depends Availability No Trend Possibly Heuristic Yes Port scanning usually does not involve looking for more than one condition. The application is new, and no signature of scanning by the port-scanning application has been created. Because the application is new, a baseline has not yet been established. Behavioral scanning could trap the application but only if the action by the application is different from other applications. Scanning would not prevent a network device from properly functioning. The volume of scan events could trigger a response. A response is triggered if any application tries to scan multiple ports.

icon
Related questions
Question

Given a table of the eight different types of analysis, similar to the attached table. an then selected three recent attacks , and for each attack, explain if you think it could have been prevented by each of the data correlations.

 

Analysis methodology Will it trap the port-scanning application? Comments Multi-conditional Signature Anomaly Behavioral Unlikely No No Depends Availability No Trend Possibly Heuristic Yes Port scanning usually does not involve looking for more than one condition. The application is new, and no signature of scanning by the port-scanning application has been created. Because the application is new, a baseline has not yet been established. Behavioral scanning could trap the application but only if the action by the application is different from other applications. Scanning would not prevent a network device from properly functioning. The volume of scan events could trigger a response. A response is triggered if any application tries to scan multiple ports.
Transcribed Image Text:Analysis methodology Will it trap the port-scanning application? Comments Multi-conditional Signature Anomaly Behavioral Unlikely No No Depends Availability No Trend Possibly Heuristic Yes Port scanning usually does not involve looking for more than one condition. The application is new, and no signature of scanning by the port-scanning application has been created. Because the application is new, a baseline has not yet been established. Behavioral scanning could trap the application but only if the action by the application is different from other applications. Scanning would not prevent a network device from properly functioning. The volume of scan events could trigger a response. A response is triggered if any application tries to scan multiple ports.
Expert Solution
trending now

Trending now

This is a popular solution!

steps

Step by step

Solved in 1 steps

SEE SOLUTIONCheck out a sample Q&A here
Blurred answer