FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 7: Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

True/False

Review LaterAdd Note

Review Later

Minutiae are unique points of reference that are digitized and stored in an encrypted format when the user's system access credentials are created._________________________

A) True
B) False

Correct Answer

verified

Show Answer

Question 2

True/False

Review LaterAdd Note

Review Later

Alarm filtering is alarm clustering that may be based on combinations of frequency,similarity in attack signature,similarity in attack target,or other criteria that are defined by the system administrators._________________________

A) True
B) False

Correct Answer

verified

False

Question 3

Multiple Choice

Review LaterAdd Note

____ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations.

In TCP/IP networking,port ____ is not used.

Intrusion detection and prevention systems perform monitoring and analysis of system events and user behaviors.

The statistical anomaly-based IDPS collects statistical summaries by observing traffic that is known to be normal.

Passive scanners are advantageous in that they require vulnerability analysts to get approval prior to testing.

List and describe the three advantages of NIDPSs.

With a(n)____________________ IDPS control strategy all IDPS control functions are implemented and managed in a central location.

A(n)____________________-based IDPS resides on a particular computer or server and monitors activity only on that system.

____________________ is a systematic survey of all of the target organization's Internet addresses.

For Linux or BSD systems,there is a tool called "scanner" that allows a remote individual to "mirror" entire Web sites._________________________

IDPS responses can be classified as active or passive.

All IDPS vendors target users with the same levels of technical and security expertise.

____ is an event that triggers an alarm when no actual attack is in progress.

Enticement is the action of luring an individual into committing a crime to get a conviction._________________________

Intrusion ____ activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again.

The activities that gather information about the organization and its network activities and assets is called fingerprinting._________________________

NIDPSs can reliably ascertain if an attack was successful or not.

The Metasploit Framework is a collection of exploits coupled with an interface that allows the penetration tester to automate the custom exploitation of vulnerable systems.