Intrusion Detection System / Prevention

Question 1

HIDS ( Host- based Intrusion detection system)

Answer 1

Software installed on a system such as a workstation or server.

Question 2

NIDS ( Network-based intrusion detection )

Answer 2

A sensors placed on a router and firewall that monitors and reports network traffic not able to detect anomalies on individual systems or workstations

Question 3

Signature based

Answer 3

A database of known vulnerabilities or known attack patterns

Question 4

HIPS ( host based Intrusion Prevention system )

Answer 4

Stops attacks in progress by detecting and blocking attacks on workstations and servers

Question 5

Behavior based

Answer 5

Anomaly based is also called

Question 6

IPS ( intrusion Prevention system)

Answer 6

Stops Serious attacks in progress by detecting and blocking attacks on systems and networks

Question 7

Anomaly Based

Answer 7

Can detect unknown anomalies. They start with a performance baseline of normal behavior and then compare network traffic against this baseline. When traffic differs significantly from the baseline the IDS sends an alert.

Question 8

Heuristic

Answer 8

Examine activity and make decisions that are outside the scope of a signature or definition database. This can be effective at discovering zero-day exploits.

Question 9

NIPS network Intrusion protection system

Answer 9

Protects the internal network by detecting malicious traffic and preventing attacks from reaching the internal network.

Question 10

Intrusion detection system IDS

Answer 10

Detected attacks on systems and networks and alerts administrator