Preconfigured, predetermined attack patterns are called signatures. _________________________

A) True
B) False

Correct Answer

verified

A passive IDPS response is a definitive action automatically initiated when certain types of alerts are triggered.

A) True
B) False

Correct Answer

verified

False

Good network design and placement of NIDPS devices can enable an organization to use a few devices to monitor a large network.

Correct Answer

Answered by ExamLex AI

A good network design is crucial for ens...

To use a packet sniffer legally, the administrator must __________.


A) be on a network that the organization owns
B) be under direct authorization of the network's owners
C) have knowledge and consent of the content's creators
D) All of the above

E) A) and B)
F) B) and D)

Correct Answer

verified

A wireless security toolkit should include the ability to sniff wireless traffic, scan wireless hosts, and assess the level of privacy or confidentiality afforded on the wireless network. _________________________

A) True
B) False

Correct Answer

verified

A(n) server-based IDPS protects the server or host's information assets. _________________________

A) True
B) False

Correct Answer

verified

To secure data in transit across any network, organizations must use ____________________ to be assured of content privacy.

Correct Answer

verified

Enticement is the action of luring an individual into committing a crime to get a conviction. _________________________

A) True
B) False

Correct Answer

verified

__________ testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by feeding random input to the program or a network running the protocol.


A) Buzz
B) Fuzz
C) Spike
D) Black

E) B) and C)
F) C) and D)

Correct Answer

verified

Which of the following ports is commonly used for the HTTP protocol?


A) 20
B) 25
C) 53
D) 80

E) B) and C)
F) C) and D)

Correct Answer

verified

The primary advantages of a centralized IDPS control strategy are cost and ease of use. _________________________

A) True
B) False

Correct Answer

verified

False - control

IDPS responses can be classified as active or passive.

A) True
B) False

Correct Answer

verified

To detect and deal with the preambles to attacks (commonly experienced as network probes and other "doorknob rattling" activities)

Correct Answer

Answered by ExamLex AI

To detect and deal with preambles to attacks, such as network probes and other activities akin to "doorknob rattling," organizations can implement a variety of security measures and practices. Here is a comprehensive approach:

1. **Intrusion Detection Systems (IDS):** Deploy network-based IDS to monitor network traffic for suspicious activities. These systems can detect patterns that indicate reconnaissance activities like port scans or sweeps.
2. **Intrusion Prevention Systems (IPS):** Implement IPS to automatically block detected threats based on predefined security policies. IPS can take immediate action to prevent potential attacks detected by the IDS.
3. **Firewalls:** Configure firewalls to restrict incoming and outgoing network traffic to only allow legitimate connections. Firewalls can be set up to block traffic from suspicious IP addresses or ports commonly used in scanning activities.
4. **Security Information and Event Management (SIEM):** Use SIEM systems to aggregate and analyze logs from various sources within the network. SIEM can help identify patterns and anomalies that could indicate a preliminary stage of an attack.
5. **Vulnerability Management:** Regularly scan and assess the network for vulnerabilities. Keeping systems patched and updated reduces the risk of attackers exploiting known weaknesses.
6. **Network Segmentation:** Divide the network into segments to limit the spread of an attack. By isolating critical systems, you can minimize the impact of a potential breach.
7. **Endpoint Protection:** Install antivirus and anti-malware solutions on endpoints to detect and prevent malicious activities. Advanced endpoint protection platforms can also provide behavioral analysis to detect unusual actions.
8. **Security Awareness Training:** Educate staff about common attack vectors, such as phishing or social engineering, which can be precursors to more serious attacks. Employees should be trained to recognize and report suspicious activities.
9. **Honeypots:** Deploy honeypots within the network to attract attackers. Honeypots can divert attackers from valuable assets and provide insights into their tactics and techniques.
10. **Threat Intelligence:** Subscribe to threat intelligence feeds to stay informed about the latest threats and vulnerabilities. This information can help you anticipate and prepare for potential attack vectors.
11. **Incident Response Plan:** Develop and maintain an incident response plan to quickly and effectively respond to security incidents. The plan should include procedures for identifying, containing, eradicating, and recovering from attacks.
12. **Regular Audits and Penetration Testing:** Conduct regular security audits and penetration testing to evaluate the effectiveness of your security measures and identify areas for improvement.

By implementing these strategies, organizations can enhance their ability to detect and respond to the early signs of cyber attacks, thereby reducing the risk of a successful breach. It's important to note that security is an ongoing process, and defenses must be continuously evaluated and updated to adapt to the evolving threat landscape.

The anomaly-based IDPS collects statistical summaries by observing traffic that is known to be normal.

A) True
B) False

Correct Answer

verified

List and describe at least four reasons to acquire and use an IDPS.

Correct Answer

verified

To provide useful information about intrusions that do take place, allowing improved diagnosis, recovery, and correction of causative factors

Correct Answer

Answered by ExamLex AI

One way to provide useful information ab...

To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive.

A) True
B) False

Correct Answer

verified

Network behavior analysis system __________ sensors are typically intended for network perimeter use, so they are deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall.


A) inline
B) offline
C) passive
D) bypass

E) B) and D)
F) C) and D)

Correct Answer

verified

The disadvantages of using the honeypot or padded cell approach include the fact that the technical implications of using such devices are not well understood. _________________________

A) True
B) False

Correct Answer

verified

To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known __________ in their knowledge base.


A) vulnerabilities
B) fingerprints
C) signatures
D) footprints

E) B) and C)
F) B) and D)

Correct Answer

verified
