What is an IPS signature?
- It is a set of rules used to detect typical intrusive activity.
- It is the timestamp that is applied to logged security events and alarms.
- It is the authorization that is required to implement a security policy.
- It is a security script that is used to detect unknown threats.
Explanation & Hint: An IPS signature uniquely identifies specific malware, protocol anomalies, or malicious traffic. IPS sensors are tuned to look for matching signatures or abnormal traffic patterns. IPS signatures are conceptually similar to the virus.dat file used by virus scanners. |