What is the major drawback of anomaly detection IDS?
(a) These are very slow at detection
(b) It generates many false alarms
(c) It doesn’t detect novel attacks
(d) None of the mentioned
I had been asked this question during an interview.
The question is from Security topic in portion Security of Operating System