Exam 7: Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools
Alarm ____________________ and compaction is a consolidation of almost identical alarms that happen at close to the same time into a single higher-level alarm.
(Short Answer)
__________ is the process of classifying IDPS alerts so that they can be more effectively managed.
(Multiple Choice)
Once the OS is known, all of the vulnerabilities to which a system is susceptible can easily be determined.
(True/False)
Services using the TCP/IP protocol can run only on their commonly used port number as specified in their original Internet standard.
(True/False)
Alarm filtering may be based on combinations of frequency, similarity in attack signature, similarity in attack target, or other criteria that are defined by the system administrators. _________________________
(True/False)
Security tools that go beyond routine intrusion detection include honeypots, honeynets, and padded cell systems.
(True/False)
Intrusion detection and prevention systems can deal effectively with switched networks.
(True/False)
In ____________________ protocol verification, the higher-order protocols are examined for unexpected packet behavior or improper use.
(Short Answer)
Which of the following is NOT a described IDPS control strategy?
(Multiple Choice)
A(n) event is an indication that a system has just been attacked or is under attack. _________________________
(True/False)
Three methods dominate IDPS detection methods: the ____________________-based approach, the statistical anomaly-based approach, and the stateful packet inspection approach.
(Short Answer)
A(n) server-based IDPS protects the server or host's information assets. _________________________
(True/False)
In the process of protocol application verification, the NIDPSs look for invalid data packets. _________________________
(True/False)
Which of the following ports is commonly used for the HTTP protocol?
(Multiple Choice)
A __________ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software.
(Multiple Choice)
A(n) log file monitor is similar to an NIDPS. _________________________
(True/False)
A(n) __________ is an event that triggers an alarm when no actual attack is in progress.
(Multiple Choice)
The activities that gather public information about the organization and its network activities and assets are called fingerprinting. _________________________
(True/False)