CTC 452 Quiz 6

Where is a host-based IDPS agent typically placed?

Which of the following is true about an NIDPS versus an HIDPS?

A weakness of a signature-based system is that it must keep state information on a possible attack.

Which of the following is NOT a typical IDPS component?

Which of the following is NOT a primary detection methodology?

Which of the following is true about an HIDPS?

An IDPS consists of a single device that you install between your firewall and the Internet.

Which of the following is an IDPS security best practice?

What is an advantage of the anomaly detection method?

Which of the following is a sensor type that uses bandwidth throttling and alters malicious content?

Which of the following is true about the steps in setting up and using an IDPS?

Which of the following is NOT a method used by passive sensors to monitor traffic?

Which of the following is NOT a network defense function found in intrusion detection and prevention systems?

Which of the following is an advantage of a signature-based detection system?

Which type of IDPS can have the problem of getting disparate systems to work in a coordinated fashion?

A hybrid IDPS combines aspects of NIDPS and HIDPS configuration

Why might you want to allow extra time for setting up the database in an anomaly-based system?

Which method for detecting certain types of attacks uses an algorithm to detect suspicious traffic, is resource intensive, and requires extensive tuning and maintenance?

If you see a /16 in the header of a snort rule, what does it mean?