FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 7: Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 51

True/False

Review LaterAdd Note

Review Later

Intrusion detection and prevention systems can deal effectively with switched networks.

Correct Answer

verified

Show Answer

Question 52

Multiple Choice

Review LaterAdd Note

Review Later

A(n) ____ is a network tool that collects copies of packets from the network and analyzes them.

A) packet scanner
B) packet sniffer
C) honey pot
D) honey packet

Correct Answer

verified

Show Answer

Question 53

Short Answer

Review LaterAdd Note

A(n)____________________ occurs when an attacker attempts to gain entry or disrupt the normal operations of an information system,almost always with the intent to do harm.

A(n)port is a network channel or connection point in a data communications system._________________________

A false positive is the failure of an IDPS system to react to an actual attack event.

The ____ is the level at which the number of false rejections equals the false acceptances,and is also known as the equal error rate.

The Simple Network Management Protocol contains trap functions,which allow a device to send a message to the SNMP management console indicating that a certain threshold has been crossed,either positively or negatively.

A sniffer cannot be used to eavesdrop on network traffic.

A padded cell is a hardened honeynet._________________________

The false detect rate is the percentage of identification instances in which unauthorized users are allowed access to systems or areas as a result of a failure in the biometric device._________________________

____ is the process of classifying IDPS alerts so that they can be more effectively managed.

A(n) ____ is a proposed systems user.

HIDPSs are also known as system integrity verifiers.

In DNS cache poisoning,valid packets exploit poorly configured DNS servers to inject false information to corrupt the servers' answers to routine DNS queries from other systems on the network.

A(n) ____ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm.

The ____________________ port is also known as a switched port analysis port or mirror port.

In order to determine which IDPS best meets an organization's needs,first consider the organizational environment in technical,physical,and political terms.

____________________ is the process of attracting attention to a system by placing tantalizing bits of information in key locations.

A(n)NIDPS functions on the host system,where encrypted traffic will have been decrypted and is available for processing._________________________

The trace usually consists of a honeypot or padded cell and an alarm._________________________