One form of IDS starts operation by generating an alert for every action Over time the administrator adjusts the setting of the IDS so that common benign activities do not generate alarms What are the

Advantages:

1. High accuracy: This design ensures that only suspicious or abnormal activities trigger an alert, reducing the number of false positives and increasing the accuracy of the IDS.

2. Reduced workload: By filtering out benign activities, the IDS reduces the workload of the administrator. They do not have to spend time sifting through a large number of alerts to identify potential threats.

3. Better visibility: By focusing on suspicious activities, the IDS provides better visibility into potential security threats, allowing administrators to respond quickly and effectively.

Disadvantages:

1. Slow response time: It may take some time for the administrator to adjust the settings of the IDS to filter out benign activities. This delay could allow an attacker to carry out their attack before being detected.

2. Limited coverage: By filtering out benign activities, the IDS may miss certain types of attacks that disguise themselves as normal traffic.

3. Increased complexity: The process of adjusting the settings of the IDS can be complex, requiring a high level of technical expertise. This complexity may make it difficult for some organizations to implement and manage an IDS effectively