37. A particular vendor uses the following approach to intrusion detection. 16 The company maintains a large number of honeypots distributed across the Internet. To a potential attacker, these honeypots look like vulnera- ble systems. Consequently, the honeypots attract many attacks and, in particular, new attacks tend to show up on the honeypots soon after- sometimes even during their development. Whenever a new attack is detected at one of the honeypots, the vendor immediately develops a signature and distributes the resulting signature to all systems using its product. The actual derivation of the signature is generally a manual process. a. What are the advantages, if any, of this approach as compared to a standard signature-based system? b. What are the advantages, if any, of this approach as compared to a standard anomaly-based system