IS4560 T&D CH 15 Flashcards
1
Q
- A detection method based on detecting activity that deviates from established normal behavior.
A
Anomaly detection
2
Q
- A collection of multiple honeypots in a network for the purposes of luring and trapping hackers.
A
Honeynet
3
Q
- A closely monitored system that usually contains a large number of files that appear to be valuable or sensitive, and serves as a trap for hackers. This distracts hackers from real targets, detects new exploitations, and learns the identities of hackers.
A
Honeypot
4
Q
- A software application that is designed to detect unusual activity on an individual system and report or log this activity as appropriate.
A
Host-based intrusion detection system (HIDS)
5
Q
- The unauthorized use or access of a system by an individual, party, or service. Simply put, this is any activity that should not occur on an information system, but does.
A
Intrusion
6
Q
- The technique of uncovering successful or attempted unauthorized access to an information system.
A
Intrusion detection
7
Q
- The improper use of privileges or resources within an organization; not necessarily malicious in nature, but misuse all the same.
A
Misuse
8
Q
- The ability to detect activity that matches known misuse of resources or privileges.
A
Misuse detection
9
Q
- A software application designed to detect and report suspicious or unusual activity on a network segment.
A
Network-based intrusion detection system (NIDS)
10
Q
- A technique that compares sniffed traffic or other activity with that stored in a database.
A
Signature Analysis