Security Application and Devices

Question 1

What is an IDS

Answer 1

Intrusion Detection System
its a device or software that monitors and analysis that data passing thru in order to identify attacks.

Question 2

How many IDS are there?

Answer 2

Two.
Host-based IDS (HIDS)
Network-based IDS (NIDS)

Question 3

What methods IDS use to detect intrusion. ?

Answer 3

Signature-based detection
Policy-based detection
Anomaly-based detection.

Question 4

What are the 4 alerts of IDS?

Answer 4

True positive
True negative
False positive
False negative.

Question 5

What can IDS do ?

Answer 5

It can only alert and log suspicious activities.

Question 6

What is DLP?

Answer 6

DLP stands for Data Loss Prevention.
It monitors the data system while in use, at rest or in transit.

Question 7

How many DLP systems are there?

Answer 7

Endpoint DLP
Network DLP
Discovery, and
Cloud.

Question 8

Name two types of Disk Encryption?

Answer 8

Hardware based and Software based encryption.

Question 9

What is EPP?

Answer 9

Endpoint Protection Platform.

its a software agent/monitoring system that performs multiple security tasks such as anti-virus, HIDS/HIPS, firewall, DLP, and file encryption.

Question 10

What is UEBA?

Answer 10

User Entity Behavior Analytics.
Its a system that can provide automated identification activity by user accounts and computers hosts.