6.8.7.

Ace your homework & exams now with Quizwiz!

Which actions can a typical passive intrusion detection system (IDS) take when it detects an attack? (Select two.)

An alert is generated and delivered via email, the console, or an SNMP trap. The IDS logs all pertinent data about the intrusion.

Network-based intrusion debtection is most suited to detect and prevent which types of attacks?

Bandwidth-based denial of service

letwork-based intrusion detection is most suited to detect and prevent which types of attacks?

Bandwidth-based denial of service

You have configured an NIDS to monitor network traffic, Which of the following describes harmless traffic that has been identified as a potential attack by the NIDS device?

False positive

Which of the following devices can monitor a network and detect potential security attacks?

IDS

Which of the following are security devices that perform stateful inspection of packet data and look for patterns that indicate malicious code? (Select two.)

IDS IPS

Which of the following devices is capable of detecting and responding to security threats?

IPS

You are concemed about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action to stop or prevent the attack, if possible. Which tool should you use?

IPS

Your organization uses a web server to host an e-commerce site. that it could become a prime target for Because this web server handles financial transactions, you are concerned exploits. You want to implement a network security control that will analyze the contents of each packet going to or from the web server. The security control must be able to identify malicious payloads and block them.

Implement an application-aware IPS in front of the web server

Which of the following describes a false positive when using an IPS device?

Legitimate traffic being flagged as malicious

Which of the following activities are considered passive in regards to the function of an intrusion detection system? (Choose two.)

Listening to network traffic Monitoring the audit trails on a server

What do host-based intrusion detection systems often rely upon to perform detection activities?

O Host system auditing capabilities External sensors

As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks.

O Host-based IDS

Which of the following describes the worst possible action by an IDS?

The system identified harmful traffic as harmless and allowed it to pass without generating any alerts.

A honeypot is used for which purpose?

To delay intruders in order to gather auditing


Related study sets

Ch. 31 Assessing Children and Adolescents

View Set

BIO 1114 Lab Final Study Material

View Set

Roman Empire: Spread of Christianity

View Set

Ch. 26: Truman and the Cold War, 1945-1952

View Set

NU 273 practice questions Week 1

View Set

Reproductive Disorders Practice Questions

View Set