I. Compare and contrast anomaly-based detection with signature-based detection. Explain how they are similar but uniquely different when examining intrusions into an information security system.
II. Review the purpose of a clipping level and why it is important to know that as a trigger that can be sent to system administrators to investigate possible issues.
III. Summarize the benefits and drawbacks of this detection method.