M7Q32: IDS & IPS Flashcards

1
Q

An IDS is a device that is placed on the edge of the network.

A. True
B. False

A

B. False

Explanation: Firewalls run on the edge of a network whereas IDS and IPS devices run from inside the network to identify and prevent unauthorized traffic that makes it through the firewall.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A ______________ actively defends a network by both detecting and preventing attacks.

A. Host-based IDS
B. Network-based IDS
C. Host-based IPS
D. Network-based IPS

A

D. Network-based IPS

Explanation: Switches learn the MAC address of connected hosts and keep them stored in the MAC address table.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

The main difference between an IDS and an IPS is that an IDS only performs intrusion detection and alerting, while an IPS performs detection, alerting, and prevention.

A. True
B. False

A

A. True

Explanation: An IDS (Intrusion Detection System) only does detection and alerting while an IPS (Intrusion Prevention System) performs detection, alerting, and also stops attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

An IPS is only security device needed to actively protect a network.

A. True
B. False

A

B. False

Explanation: While an IPS is a strong addition to the security of a network it cannot be used alone. IDS and IPS must be integrated into an overall network security solution that also includes things like firewalls, anti-malware, secure authentication mechanisms, router and switch security, secure networking protocols, network access control, and physical security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly