FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 7: Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

True/False

Review LaterAdd Note

Review Later

An HIDPS can monitor system logs for predefined events.

Correct Answer

verified

Show Answer

Question 2

True/False

Review LaterAdd Note

Review Later

Your organization's operational goals, constraints, and culture should not affect the selection of the IDPS and other security tools and technologies to protect your systems.

Correct Answer

verified

Show Answer

Question 3

Short Answer

Review LaterAdd Note

A(n) ____________________ system contains pseudo-services that emulate well-known services, but is configured in ways that make it look vulnerable to attacks.

The ongoing activity from alarm events that are accurate and noteworthy but not necessarily significant as potentially successful attacks is called ____________________.

A passive vulnerability scanner is one that initiates traffic on the network in order to determine security holes.

__________ benchmark and monitor the status of key system files and detect when an intruder creates, modifies, or deletes monitored files.

A padded cell is a hardened honeynet. _________________________

A(n) __________ is a software program or hardware appliance that can intercept, copy, and interpret network traffic.

The anomaly-based IDPS collects statistical summaries by observing traffic that is known to be normal.

The Metasploit Framework is a collection of exploits coupled with an interface that allows the penetration tester to automate the custom exploitation of vulnerable systems.

Under the guise of justice, some less scrupulous administrators may be tempted to ____________________, or hack into a hacker's system to find out as much as possible about the hacker.

The process by which attackers change the format and/or timing of their activities to avoid being detected by the IDPS is known as a false attack stimulus.

List and describe at least four reasons to acquire and use an IDPS.

A(n) ____________________ vulnerability scanner is one that initiates traffic on the network in order to determine security holes.

__________ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations.

A(n) ____________________-based IDPS resides on a particular computer or server and monitors activity only on that system.

To use a packet sniffer legally, the administrator must __________.

Intrusion detection and prevention systems perform monitoring and analysis of system events and user behaviors.

To assist in footprint intelligence collection, attackers may use an enhanced Web scanner that, among other things, can scan entire Web sites for valuable pieces of information, such as server names and e-mail addresses.

The attack ____________________ is a series of steps or processes used by an attacker, in a logical sequence, to launch an attack against a target system or network.