Statistical Anomaly-Based ID - With this method, an IDS acquires data and defines a "normal" usage profile for the network or host that is being monitored. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 49

Explanation/Reference:
Explanation:
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both of which are frequently referred to as 'SSL', are cryptographic protocols designed to provide communications security over a computer network.
The connection is reliable because each message transmitted includes a message integrity check using a message authentication code to prevent undetected loss or alteration of the data during transmission.
A message authentication code (MAC) is a short piece of information used to authenticate a message-in other words, to provide integrity and authenticity assurances on the message. Integrity assurances detect accidental and intentional message changes, while authenticity assurances affirm the message's origin.
A MAC algorithm, sometimes called a keyed (cryptographic) hash function (however, cryptographic hash function is only one of the possible ways to generate MACs), accepts as input a secret key and an arbitrary-length message to be authenticated, and outputs a MAC (sometimes known as a tag). The MAC value protects both a message's data integrity as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content.
Incorrect Answers:
A: Secure Sockets Layer (SSL) does not use a Message Authentication Code (MAC) for message non- repudiation.
B: Secure Sockets Layer (SSL) does not use a Message Authentication Code (MAC) for message confidentiality; it uses symmetric cryptography for that.
C: Secure Sockets Layer (SSL) does not use a Message Authentication Code (MAC) for message interleave checking.
References:
https://en.wikipedia.org/wiki/Transport_Layer_Security
https://en.wikipedia.org/wiki/Message_authentication_code

A watering hole attack is a type of attack that targets a specific group of users by compromising a website that they frequently visit. The attacker then uses the compromised website to deliver malware or exploit code to the visitors, hoping to infect their systems and gain access to their networks or data. A watering hole attack is dependent upon the compromise of a secondary target (the website) in order to reach the primary target (the users). A brute force attack, a spear phishing attack, and an Address Resolution Protocol (ARP) poisoning attack are not dependent on compromising a secondary target. References:
* [7]: CISSP CBK, 4th edition, page 431
* [8]: CISSP Official (ISC)2 Practice Tests, 3rd edition, page 129

The answer: Rijndael. Rijndael is the new approved method of encrypting sensitive but unclassified information for the U.S. government. It has been accepted by and is also widely used in the public arena as well. It has low memory requirements and has been constructed to easily defend against timing attacks.
The following answers are incorrect: Twofish. Twofish was among the final candidates chosen for AES, but was not selected.
Serpent. Serpent was among the final candidates chosen for AES, but was not selected. RC6. RC6 was among the final candidates chosen for AES, but was not selected.
The following reference(s) were/was used to create this question: ISC2 OIG, 2007 p. 622, 629-630 Shon Harris AIO, v.3 p 247-250