FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 7: Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

True/False

Review LaterAdd Note

Review Later

All IDPS vendors target users with the same levels of technical and security expertise.

Correct Answer

verified

Show Answer

Question 2

Multiple Choice

Review LaterAdd Note

Review Later

Intrusion ____ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again.

A) prevention
B) reaction
C) detection
D) correction

Correct Answer

verified

Show Answer

Question 3

Multiple Choice

Review LaterAdd Note

____ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations.

The activities that gather information about the organization and its network activities and assets is called fingerprinting._________________________

Intrusion detection and prevention systems perform monitoring and analysis of system events and user behaviors.

____________________ is a systematic survey of all of the target organization's Internet addresses.

List and describe the three advantages of NIDPSs.

The Metasploit Framework is a collection of exploits coupled with an interface that allows the penetration tester to automate the custom exploitation of vulnerable systems.

In TCP/IP networking,port ____ is not used.

With a(n)____________________ IDPS control strategy all IDPS control functions are implemented and managed in a central location.

Alarm filtering is alarm clustering that may be based on combinations of frequency,similarity in attack signature,similarity in attack target,or other criteria that are defined by the system administrators._________________________

Minutiae are unique points of reference that are digitized and stored in an encrypted format when the user's system access credentials are created._________________________

Passive scanners are advantageous in that they require vulnerability analysts to get approval prior to testing.

IDPS responses can be classified as active or passive.

A(n)____________________-based IDPS resides on a particular computer or server and monitors activity only on that system.

NIDPSs can reliably ascertain if an attack was successful or not.

For Linux or BSD systems,there is a tool called "scanner" that allows a remote individual to "mirror" entire Web sites._________________________

Enticement is the action of luring an individual into committing a crime to get a conviction._________________________

The statistical anomaly-based IDPS collects statistical summaries by observing traffic that is known to be normal.

____ is an event that triggers an alarm when no actual attack is in progress.