6.4 practice questions

which is true about IDS?

An IDS monitors data packets for malicious or unauthorized traffic.

Which IDS method defines a baseline of normal network traffic then looks for anything that falls outside of that baseline?

Anomaly-based

Which IDS traffic assessment indicates that the system identified harmless traffic as offensive and generated an alarm or stopped the traffic?

False positive

What can you implement with IPsec that will scan the contents of encrypted traffic to prevent any malicious attacks?

Host based IDS

What tool should you use if you want to be able to identify and be notified of any attacks, as well as the system to take immeditte action to stop/prevent the attack?

IPS

Which IDS type can alert you to tresspassers?

PIDS

Which IDS method searches for intrusion or attack attempts by recognizing patterns or identifying entities listed in a database?

Signature-based IDS

Which of the following describes the worst possible action by an IDS?

The system identified harmful traffic as harmless and allowed it to pass without generating any alerts.

You've just installed a new network based IDS system that uses signature recognition. What should you do on a regular basis?

Update the signature files.

Which of the following is true about NIDS?

detects malicious or unusual incoming and outgoing traffic in real time