From the course: Cisco Certified CyberOps Associate (200-201) Cert Prep: 1 Security Concepts

Comparing detection methods

- Devices, such as intrusion detection and intrusion prevention systems, along with anti-malware protection, actively monitor traffic for malicious activity using a variety of methods. Let's compare some of the methods in use today. Traditional antivirus software relies heavily on signature-based detection, which recognizes the signature, or binary pattern. In this image, we see a recognized characteristic of known malware. Now keep in mind, signature-based detection might even include something as simple as a specific URL. While we still use signature detection, there are limitations, in that this type of detection cannot examine the contents of certain files, such as a zip file. In addition, signature detection cannot assess fileless malware. After 2010, malware protection made a shift to more advanced methods to be able to detect newer malware variants designed to elude detection. To avoid detection, a standard…
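The limitation described above, as an added example that is not part of the course: a minimal signature scanner with a constructed byte-pattern signature and a constructed URL signature (both hypothetical names and values) matches a file image, misses the same content once it is stored inside a zip archive, and finds it again only when the scanner unpacks archive members before matching.

```python
import io
import re
import zipfile

# Constructed, hypothetical signatures: one binary pattern and one URL string,
# the two kinds of signature the transcript mentions.
SIGNATURES = {
    "Demo.Pattern.A": re.compile(rb"EVIL\x90\x90PAYLOAD"),
    "Demo.URL.B": re.compile(rb"http://malware\.example/dropper"),
}


def scan_bytes(data: bytes) -> list[str]:
    """Return the names of every signature whose pattern occurs in data."""
    return [name for name, pat in SIGNATURES.items() if pat.search(data)]


def scan_file_bytes(data: bytes, inspect_archives: bool = False) -> list[str]:
    """Scan a file image; optionally unpack zip members and scan them too.

    With inspect_archives=False this is the plain byte-pattern scanner: the
    deflated content of a zip member is opaque to it, so a signature present
    inside the archive is not seen.
    """
    hits = scan_bytes(data)
    if inspect_archives and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                member = zf.read(info.filename)
                # Recurse so nested archives are unpacked as well.
                hits.extend(f"{info.filename}:{h}" for h in scan_file_bytes(member, True))
    return hits


def make_zip(name: str, payload: bytes) -> bytes:
    """Build an in-memory, deflate-compressed zip with one member (constructed input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", compression=zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()


def demo() -> dict[str, list[str]]:
    # Constructed sample file: a zero-padded header (keeps it compressible) plus
    # both signature patterns in the clear.
    sample = b"MZ" + b"\x00" * 512 + b"EVIL\x90\x90PAYLOAD http://malware.example/dropper"
    zipped = make_zip("invoice.exe", sample)
    return {
        "raw": scan_file_bytes(sample),
        "zip_plain": scan_file_bytes(zipped),
        "zip_inspected": scan_file_bytes(zipped, inspect_archives=True),
    }
```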
