FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 7: Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 21

True/False

Review LaterAdd Note

Review Later

The disadvantages of using the honeypot or padded cell approach include the fact that the technical ​implications of using such devices are not well understood. _________________________

Correct Answer

verified

Show Answer

Question 22

True/False

Review LaterAdd Note

Review Later

Administrators who are wary of using the same tools that attackers use should remember that a tool that can help close an open or poorly configured firewall will not help the network defender minimize the risk from attack.

Correct Answer

verified

Show Answer

Question 23

True/False

Review LaterAdd Note

IDPS responses can be classified as active or passive.

A fully distributed IDPS control strategy is an IDPS implementation approach in which all controlfunctions are applied at the physical location of each IDPS component.

A(n) port is the equivalent of a network channel or connection point in a data communications system. _________________________

All IDPS vendors target users with the same levels of technical and security expertise.

A(n) __________ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm.

An HIDPS can detect local events on host systems and detect attacks that may elude a network-based IDPS.

Intrusion detection consists of procedures and systems that identify system intrusions and take action when an intrusion is detected.

With a(n) ____________________ IDPS control strategy, all IDPS control functions are implemented and managed in a central location.

____________________ scanning will allow an Nmap user to bounce a scan across a firewall by using one of the idle DMZ hosts as the initiator of the scan.

A(n) known vulnerability is a published weakness or fault in an information asset or its protective systems that may be exploited and result in loss. _________________________

A(n) partially distributed IDPS control strategy combines the best of other IDPS strategies. _________________________

A ____________________ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software.

The process of entrapment occurs when an attacker changes the format and/or timing of activities to avoid being detected by an IDPS. _________________________

When the measured activity is outside the baseline parameters, it is said to exceed the ____________________ level.

__________ are decoy systems designed to lure potential attackers away from critical systems.

Alarm events that are accurate and noteworthy but do not pose significant threats to information security are called noise. _________________________

The ____________________ port is also known as a switched port analysis (SPAN) port or mirror port.

A packet ____________________ is a software program or hardware appliance that can intercept, copy, and interpret network traffic.