|
As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. |
Host-based IDS |
|
what does a host-based intrusion detection systems often rely upon to perform detection activities? |
Host system auditing capabilities |
|
Which actions can a typical passive intrusion detection system (IDS) take when it detects an attack? (Select two.) |
An alert is generated and delivered via email, the console, or an SNMP trap. The IDS logs all pertinent data about the intrusion. |
|
Network-based intrusion detection is most suited to detect and prevent which types of attacks? |
Bandwidth-based denial of service |
|
Which of the following activities are considered passive in regards to the function of an intrusion detection system? |
Monitoring the audit trails on a server. Listening to network traffic. |
|
Which of the following devices can monitor a network and detect potential security attacks? |
IDS |
|
Which of the following are security devices that perform stateful inspection of packet data and look for patterns that indicate malicious code? (Select two.) |
IPS IDS |
|
You have configured an NIDS to monitor network traffic. Which of the following describes harmless traffic that has been identified as a potential attack by the NIDS device? |
Fase positive |
|
Which of the following describes a false positive when using an IPS device? |
Legitimate traffic being flagged as malicious. |
|
Which of the following devices is capable of detecting and responding to security threats? |
IPS |
|
You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. Ina addition, you want the system to take immediate action to stop or prevent the attack, If possible. Which tool should you use? |
IPS |
|
Network-based intrusion detection is most suited to detect and prevent which types of attacks? |
bandwidth-based denial of service |
|
A honeypot is used for which purpose? |
To delay intruders in order to gather auditing data. |
|
Your organization uses a web server to host an e-commerce site. Because this web server handles financial transactions, you are concerned that it could become a prime target for exploits. You want to implement a network security control that will analyze the contents of each packet going to or from the web server. The security control must be able to identify malicious payloads and block them. What should you do? |
Implement an application-aware IPS in front of the web server |
|
Which of the following describes the worst possible action by an IDS? |
The system identified harmful traffic as harmless and allowed it to pass without generating any alerts. |
Share This
Flashcard
