A technology firm recently installed a new intrusion detection system. The system does not show suspicious activity, while scanning tools confirm infiltration attempts. The engineering group verified the sensor is active on the correct network segment but has found no root cause. Which measure is the best approach to address the problem?
Increase bandwidth dedicated to the sensor
Upload a complete set of detection references to the sensor
A sensor without adequate detection references cannot identify harmful traffic, so infiltration attempts pass unnoticed. Updating the detection references gives the sensor current patterns to generate alerts from. The other options involve tasks that do not correct a sensor missing its required analysis data. Upgrading firmware, modifying bandwidth, or restricting user access can help in other scenarios, but none of them fixes incomplete detection references.