IC34M05 - Intrusion Detection Systems Flashcards
IDS Best Practices
- Distributed Deployment
- Use SCADA IDS Signatures
- Be careful not to block necessary traffic when using IPS
What does NIDS stand for?
1. Network Intrusion Deployment System
2. New Invention Deploy Safely
3. Network Intrusion Detection System
4. Never Identify Defense Strategy
Network Intrusion Detection System
What is an Intrusion Detection System (IDS)?
1. A warning system of excess heat in a server room
2. A device or software program that controls the flow of traffic between networks or network devices
3. Tools to detect attempts to break into or misuse a computer system
4. A device that controls the flow of traffic between networks
Tools to detect attempts to break into or misuse a computer system
The two main types of IDS are?
1. Internet & Computer
2. Network & Host-based
3. Cloud-based & Local
4. Inbound & Outbound
Network & Host-based
Which is not an IDS best practice?
1. Be sure not to block necessary traffic with Intrusion Prevention Systems
2. Be sure to block necessary traffic with Intrusion Prevention Systems
3. Install NIDS at zone entry points
4. Enhance signature with SCADA IDS signatures
Be sure to block necessary traffic with Intrusion Prevention Systems
Which is an attribute of HIDS?
1. Requires hardware
2. Bandwidth dependent
3. Responds after suspicious activity occurs
4. High false positive rate
5. Broad scope
Responds after suspicious activity occurs