Objective 6a

Question 1

Monitors network traffic and changes to computer settings to detect patterns indicating known intrusion attempts

Answer 1

Intrusion Detection

Question 2

System scanning, auditing, and monitoring security infrastructure for signs of attacks in progress

Answer 2

Intrusion Detection System

Question 3

Blocks network traffic when it detects intrusion

Answer 3

Active IDS (Also known as Intrusion Prevention System, IPS)

Question 4

Monitors network traffic and only alerts administrator about suspicious traffic

Answer 4

Passive IDS

Question 5

Examines network traffic for suspicious patterns

Answer 5

Network-Based IDS

Question 6

Examines servers or client computers for patterns of an intrusion

Answer 6

Host-Based IDS

Question 7

When shows of an attack has happened but triggered by normal traffic or results from misconfigured equipment

Answer 7

False Positive

Question 8

Provides insight to what may be happening on network and systems

Answer 8

Passive IDS

Question 9

Allows administrators to see misuse occurring within system itself

Answer 9

Host Based Intrusion Detection System (HIDS)

Question 10

Primarily uses passive hardware sensors to monitor traffic on specific segment of network

Answer 10

Network Based Intrusion Detection System (NIDS)

Question 11

Look for specific groupings of characters common in known attacks

Answer 11

String Signatures

Question 12

Watch for connection attempts to well-known, frequently attacked ports

Answer 12

Port Signatures

Question 13

Watch for dangerous or illogical combinations in packet headers

Answer 13

Header Signatures