7-5

What actions can a typical passive Intrusion Detection System Take when it detects an attacks? (select two)

A honey pot is used for what purpose?

An active IDS system often performs which of the following actions? (Select two)

You have just installed a new network-based IDS system that uses signature recognition. What should you do on a regular basis?

What do host based intrusion detection system often rely upon to perform their detection activities?

You want to create a collection of computers on your network that appear to have valuable data, but are really computers configured with fake data that could entice a potential intruder. Once the intruder connects, you want to be able to observe and gather information about the methods of attack that are being deployed. What should you implement?

What security mechanism can be used to detect attacks originating on the internet or from within an internal trusted subnet?

Which of the following activities are considered passive in regards to the functioning of an intrusion detections system?(Choose two)

You are concerned about protection your network from network-based attacks from the Internet. Specifically, you are concerned about attacks that have not yet been identified or that do not have prescribed protections. Which type of device should you use?

Which of the following devices is capable of detecting and responding to security threats?

Which IDS method searches for intrusion or attack attempt by recognizing patterns or identities listed in a database?

Which of the following describes a false positive when using an IPS device?

What is the most common form of host based IDS that employs signature or pattern matching detection methods?

You have configured a NIDS to monitor network traffic. Which of the following describes an attack that is NOT detected by the NIDS device?

IF maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?