CYSE 6

What is the difference between a stateful packet filtering firewall and a basic packet filtering firewall?

A stateful packet filtering firewall tracks sessions between systems

What is the purpose of a network DMZ?

Provide external access to systems that need to be exposed to external networks such as the Internet in order to function

What is a key difference between signature and anomaly detection in IDSs?

Signature detection uses fingerprints or distinct patterns of attacks to detect intrusions; anomaly detection uses deviation from baseline activity to detect instructions

What is the primary purpose of a network firewall?

control the traffic allowed in and out of a network

What is the primary purpose of a Network Intrusion Detection System?

detect possible attack traffic

Which of the following is not a protocol for wireless encryption?

kismet

Why does network segmentation generally improve security?

malicious traffic cannot freely traverse the internal network

What tool mentioned in the text might we use to scan for devices on a network, to include fingerprinting the operating system and detecting versions of services on open ports?

nmap

Which of the following is not a reason to use a honeypot?

release classified or PII data

For what might we use the tool Kismet?

to detect wireless devices