FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 7: Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Show Answer

Share

---

All types

Filters

Study Flashcards

Question 61

Multiple Choice

Review LaterAdd Note

Review Later

__________ are decoy systems designed to lure potential attackers away from critical systems.

A) Honeypots
B) Bastion hosts
C) Wasp nests
D) Designated targets

Correct Answer

verified

Show Answer

Question 62

True/False

Review LaterAdd Note

Review Later

When a collection of honeypots connects several honeypot systems on a subnet, it may be called a(n) honeynet. _________________________

Correct Answer

verified

Show Answer

Question 63

Essay

Review LaterAdd Note

The use of switched network protocols does not affect an HIDPS.

A fully distributed IDPS control strategy is an IDPS implementation approach in which all control functions are applied at the physical location of each IDPS component.

To prevent problem behaviors by increasing the perceived risk of discovery and punishment for those who would attack or otherwise abuse the system

The ____________________ port is also known as a switched port analysis (SPAN) port or mirror port.

Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization. _________________________

Using __________, the system reviews the log files generated by servers, network devices, and even other IDPSs.

To assist in footprint intelligence collection, attackers may use an enhanced Web scanner that, among other things, can scan entire Web sites for valuable pieces of information, such as server names and e-mail addresses.

A false positive is the failure of an IDPS system to react to an actual attack event.

A(n) __________ IDPS is focused on protecting network information assets.

An IDPS can be configured to dial a phone number and produce an alphanumeric page or other type of signal or message.

A padded cell is a hardened honeynet. _________________________

NIDPSs are not usually susceptible to direct attack and may not be detectable by attackers.

An HIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing.

A ____________________ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software.

A passive vulnerability scanner is one that initiates traffic on the network in order to determine security holes.

HIDPSs are also known as system ____________________ verifiers.

Once the OS is known, all of the vulnerabilities to which a system is susceptible can easily be determined.

The integrity value, which is based upon fuzzy logic, helps an administrator determine how likely it is that an IDPS alert or alarm indicates an actual attack in progress. _________________________