6.4 Intrusion Detection and Prevention


Which of the following is true about an intrusion detection system?

An intrusion detection system monitors data packets for malicious or unauthorized traffic.

Which IDS method defines a baseline of normal network traffic and then looks for anything that falls outside of that baseline?

Anomaly-based

Which IDS traffic assessment indicates that the system identified harmless traffic as offensive and generated an alarm or stopped the traffic?

False positive

As a security precaution, you've implemented IPsec to work between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?

Host-based IDS

You're concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action to stop or prevent the attack, if possible. Which tool should you use?

IPS

Which of the following is true about an NIDS?

It detects malicious or unusual incoming and outgoing traffic in real time.

Which IDS type can alert you to trespassers?

PIDS

Which IDS method searches for intrusion or attack attempts by recognizing patterns or identifying entities listed in a database?

Signature-based IDS

Which of the following describes the worst possible action by an IDS?

The system identified harmful traffic as harmless and allowed it to pass without generating any alerts.

You've just installed a new network-based IDS system that uses signature recognition. What should you do on a regular basis?

Update the signature files.

