On a workstation or server
Where is a host-based IDPS agent typically placed?
An HIDPS can detect attacks not caught by an NIDPS
Which of the following is true about an NIDPS versus an HIDPS?
A weakness of a signature-based system is that it must keep state information on a possible attack.
Which of the following is NOT a typical IDPS component?
Which of the following is NOT a primary detection methodology?
Monitors OS and application logs
Which of the following is true about an HIDPS?
An IDPS consists of a single device that you install between your firewall and the Internet.
Communication between IDPS components should be encrypted
Which of the following is an IDPS security best practice?
System can detect attacks from inside the network by people with stolen accounts
What is an advantage of the anomaly detection method?
Which of the following is a sensor type that uses bandwidth throttling and alters malicious content?
False positives do not compromise network security
Which of the following is true about the steps in setting up and using an IDPS?
Which of the following is NOT a method used by passive sensors to monitor traffic?
Which of the following is NOT a network defense function found in intrusion detection and prevention systems?
Each signature is assigned a number and name
Which of the following is an advantage of a signature-based detection system?
Which type of IDPS can have the problem of getting disparate systems to work in a coordinated fashion?
A hybrid IDPS combines aspects of NIDPS and HIDPS configuration
to allow a baseline of data to be compiled
Why might you want to allow extra time for setting up the database in an anomaly-based system?
Which method for detecting certain types of attacks uses an algorithm to detect suspicious traffic, is resource intensive, and requires extensive tuning and maintenance?
the subnet mask is 255.255.0.0
If you see a /16 in the header of a snort rule, what does it mean?