Exam 7: Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools
A(n) __________ is an event that triggers an alarm when no actual attack is in progress.
(Multiple Choice)
__________ applications use a combination of techniques to detect an intrusion and then trace it back to its source.
(Multiple Choice)
Most network behavior analysis system sensors can be deployed in __________ mode only, using the same connection methods as network-based IDPSs.
(Multiple Choice)
To detect attacks and other security violations that are not prevented by other security measures
(Short Answer)
IDPSs can help the organization protect its assets when its networks and systems are exposed to ____________________ vulnerabilities or are unable to respond to a rapidly changing threat environment.
(Short Answer)
A(n) log file monitor is similar to an NIDPS. _________________________
(True/False)
__________ is the process of classifying IDPS alerts so that they can be more effectively managed.
(Multiple Choice)
Alarm ____________________ and compaction is a consolidation of almost identical alarms that happen at close to the same time into a single higher-level alarm.
(Short Answer)
A packet ____________________ is a software program or hardware appliance that can intercept, copy, and interpret network traffic.
(Short Answer)
A(n) __________ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm.
(Multiple Choice)
The ability to detect a target computer's __________ is very valuable to an attacker.
(Multiple Choice)
A(n) ____________________ occurs when an attacker attempts to gain entry or disrupt the normal operations of an information system, almost always with the intent to do harm.
(Short Answer)
A(n) ____________________-based IDPS resides on a particular computer or server and monitors activity only on that system.
(Short Answer)
A(n) partially distributed IDPS control strategy combines the best of other IDPS strategies. _________________________
(True/False)
A signature-based IDPS is sometimes called a(n) ____________________-based IDPS.
(Short Answer)
An HIDPS can detect local events on host systems and detect attacks that may elude a network-based IDPS.
(True/False)
The process by which attackers change the format and/or timing of their activities to avoid being detected by the IDPS is known as a false attack stimulus.
(True/False)
The ongoing activity from alarm events that are accurate and noteworthy but not necessarily significant as potentially successful attacks is called ____________________.
(Short Answer)
A(n) NIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing. _________________________
(True/False)
Showing 41 - 60 of 121