5-2 Flashcards

1
Q

There are 6 basic approaches to IDS and IPS. Some of these methods are implemented in various software packages, and others are simply strategies that an organization can employ to decrease the likelihood of a ___________

A

successful intrusion

2
Q

When IDS was first developed, _________ were generally used

A

hubs

3
Q

With a hub, a packet is sent from its _________________ via the IP address. When it arrives at its target network, a MAC address is used to find the target. Be aware that all computers on this segment can see the packet, but since the MAC address doesn't match, the other computers can ignore it.

A

source network to its destination network

4
Q

Sometimes called banishment vigilance, this approach seeks to prevent intrusions before they occur, but it can be complicated since it could block legitimate traffic.

A

preemptive blocking

5
Q

Normally a software system will alert the administrator of suspicious activity. A human administrator will then decide whether or not to ______________. The preemptive blocking technique should only be part of an overall intrusion detection strategy.

A

block traffic

6
Q

Anomalies are detected in one of a few ways, including:

A

threshold monitoring
resource profiling
user/group work profiling
executable profiling

7
Q

This technique involves actual software that works to detect intrusion attempts and notify the administrator.

A

anomaly detection

8
Q

This technique monitors preset acceptable behavior levels and observes whether these levels are exceeded.

A

threshold monitoring

9
Q

A threshold provides a definition of __________ behavior

A

acceptable

10
Q

Indications of abnormal resource usage with resource profiling can be indicative of ____________

A

illicit activity

11
Q

This enables the IDS to identify activity that might indicate an attack. Once a potential danger is identified, the admin is contacted.

A

executable profiling

12
Q

_______ is an element of a data source that is of interest to the operator

A

activity

13
Q

The ____________ is the person responsible for organizational security

A

administrator

14
Q

The IDS component that collects data and passes it to the analyzer for analysis

A

sensor

15
Q

The component or process that analyzes the data collected by the sensor

A

analyzer
