Question 1

What are honeypots? Briefly describe each of the two general types.

Accepted Answer

Honeypots are closely monitored network

Question 2

The term ____ refers to the level at which the IDS triggers an alert to notify the administrator.

Accepted Answer

A) clipping level 
B) cache level 
C) signature matching 
D) Alarm Filtering 
A) clipping level 
B) cache level 
C) signature matching 
D) Alarm Filtering

Question 3

The Electronic Communications Protection Act prohibits the recording of wire- or cable-based communications unless an exception applies.Briefly discuss four of these exceptions.

Accepted Answer

These exceptions include:
1.Interception

Question 4

A ____ is a high-interaction honeypot designed to capture extensive information on threats.

Accepted Answer

A) DNS cache 
B) honeypot Farm 
C) DNS farm 
D) network-based IDS 
A) DNS cache 
B) honeypot Farm 
C) DNS farm 
D) network-based IDS

Question 5

Match each statement with an item below.
-Triggers an alert or alarm when one of the following changes occurs: file attributes change,new files are created,or existing files are deleted.

Accepted Answer

A) Intrusion detection system 
B) HIDS 
C) Signature-based IDS 
D) Enticement 
E) Entrapment
F)Alarm clustering
G)NIDS
H)Nmap
I)Scanning utility 
A) Intrusion detection system 
B) HIDS 
C) Signature-based IDS 
D) Enticement 
E) Entrapment
F)Alarm clustering
G)NIDS
H)Nmap
I)Scanning utility

Question 6

____ is an IDS's ability to dynamically modify its site policies in reaction or response to environmental activity.

Accepted Answer

A) Alarm Compaction 
B) Site policy awareness 
C) True Attack Stimulus 
D) Confidence Value 
A) Alarm Compaction 
B) Site policy awareness 
C) True Attack Stimulus 
D) Confidence Value

Question 7

What are the advantages and disadvantages of NIDS?

Accepted Answer

Advantages
1.Good network design and pla

Question 8

_________________________ is the process of evaluating circumstances around organizational events,determining which events are possible incidents,or incident candidates,and then determining whether or not the event constitutes an actual incident.

Accepted Answer

Incident c

Question 9

A ____ is a type of IDS that is similar to the NIDS,reviews the log files generated by servers,network devices,and even other IDSs.

Accepted Answer

A) honeypot 
B) alarm cluster 
C) log file monitor 
D) DNS cache 
A) honeypot 
B) alarm cluster 
C) log file monitor 
D) DNS cache

What are honeypots? Briefly describe each of the two general types.

The term ____ refers to the level at which the IDS triggers an alert to notify the administrator.

The Electronic Communications Protection Act prohibits the recording of wire- or cable-based communications unless an exception applies.Briefly discuss four of these exceptions.

A ____ is a high-interaction honeypot designed to capture extensive information on threats.

Match each statement with an item below. -Triggers an alert or alarm when one of the following changes occurs: file attributes change,new files are created,or existing files are deleted.

____ is an IDS's ability to dynamically modify its site policies in reaction or response to environmental activity.

What are the advantages and disadvantages of NIDS?

_________________________ is the process of evaluating circumstances around organizational events,determining which events are possible incidents,or incident candidates,and then determining whether or not the event constitutes an actual incident.

A ____ is a type of IDS that is similar to the NIDS,reviews the log files generated by servers,network devices,and even other IDSs.

Contingency Planning Within Information Security

Planning for Organizational Readiness

Incidence Response: Preparation, Organization, and Prevention

Incidence Response: Reaction, Recovery, and Maintenance

Contingency Strategies for Business Resumption Planning

Disaster Recovery: Preparation and Implementation

Disaster Recovery: Operation and Maintenance

Business Continuity Preparation and Implementation

Business Continuity Operations and Maintenance

Crisis Management and Human Factors

Filters

Exam 4: Incident Response: Detection and Decision Making

What are honeypots? Briefly describe each of the two general types.

The term ____ refers to the level at which the IDS triggers an alert to notify the administrator.

The Electronic Communications Protection Act prohibits the recording of wire- or cable-based communications unless an exception applies.Briefly discuss four of these exceptions.

A ____ is a high-interaction honeypot designed to capture extensive information on threats.

Match each statement with an item below. -Triggers an alert or alarm when one of the following changes occurs: file attributes change,new files are created,or existing files are deleted.

____ is an IDS's ability to dynamically modify its site policies in reaction or response to environmental activity.

What are the advantages and disadvantages of NIDS?

_________________________ is the process of evaluating circumstances around organizational events,determining which events are possible incidents,or incident candidates,and then determining whether or not the event constitutes an actual incident.

A ____ is a type of IDS that is similar to the NIDS,reviews the log files generated by servers,network devices,and even other IDSs.

Contingency Planning Within Information Security

Planning for Organizational Readiness

Incidence Response: Preparation, Organization, and Prevention

Incidence Response: Reaction, Recovery, and Maintenance

Contingency Strategies for Business Resumption Planning

Disaster Recovery: Preparation and Implementation

Disaster Recovery: Operation and Maintenance

Business Continuity Preparation and Implementation

Business Continuity Operations and Maintenance

Crisis Management and Human Factors

Filters