AllFreePapers.com - All Free Papers and Essays for All Students
Search

Active Vulnerability Scanner

Autor:   •  June 29, 2015  •  Exam  •  945 Words (4 Pages)  •  1,550 Views

Page 1 of 4
  1. A (n) active vulnerability scanner is one that initiates traffic on the network in order to determine security holes.
  2. Activities that scan network locales for active systems and then identify the network services offered by the host systems is known as fingerprinting.
  3. A (n) supplicant is a proposed systems user
  4. A (n) listener vulnerability scanner is one that listens in on the network and              determines vulnerable versions of both server and client software. False
  5. Trap and trace applications use a combination of techniques to detect an intrusion and then trace it back to its source.
  6. Honeypots are decoy systems designed to lure potential attackers away from critical systems.
  7. A (n) honey pot system contains pseudo-services that emulate well-known services, but is configured in ways that make it look vulnerable to attacks.
  8. Intrusion correction activities finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again.
  9. Enticement is the action of luring an individual into committing a crime to get a conviction. False
  10. A passive response is a definitive action automatically initiated when certain types of alerts are triggered. False
  11. Which of the following ports is commonly used for the HTTP protocol? 80
  12. A sniffer cannot be used to eavesdrop on network traffic. False
  13. A n) intrusion occurs when an attacker attempts to gain entry or disrupt the normal operations of an information system, almost always with the intent to do harm.
  14. A HIDPS can monitor systems logs for predefined events. True
  15. The ongoing activity from alarm events that are accurate and noteworthy but not necessarily significant as potentially successful attacks is called noise
  16. A (n) smart IDPS can adapt its reactions in response to administrator guidance over time and circumstances of the current local environment.
  17. In TCP/IP networking, port 0 is not used.
  18. A signature-based IDPS is sometimes called a (n) knowledge-based IDPS.
  19. IDPS researchers have used padded cell and honeypot systems since the late 1980
  20. Alarm clustering and compaction is a consolidation of almost identical alarms that happen at close to the same time into a single higher-level alarm.
  21. Using LFM the system reviews the log files generated by servers, network devices, and even other IDPSs.
  22. A starting scanner is one that initiates traffic on the network in order to determine security holes. True
  23. A(n) padded cell is a honey pot that has been protected so that it cannot be easily compromised
  24. The initial estimation of the defensive state of an organization’s networks and systems is called doorknob. rattling
  25. In application protocol verification, the higher-order protocols are examined for unexpected packet behavior, or improper use
  26. Three methods dominate the IDPSs detection methods: signature-based approach, statistical anomaly-based approach or the stateful packet inspection approach
  27. A strategy based on the concept of defense in depth is likely to include intrusion detection systems, active vulnerability scanners, passive vulnerability scanners, automated log analyzers, and protocol analyzers. True
  28. The attack protocol is a series of steps or processes used by an attacker, in a logical sequence, to launch an attack against a target system or network.
  29. A HIDPS is optimized to detect multi host scanning, and it is able to detect the scanning of non-host network devices, such as routers or switches. False
  30. Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization. False
  31. A packet sniffer is a network tool that collects copies of packets from the network and analyzes them.
  32. A (n) host-based IDPS resides on a particular computer or server and monitors activity only on that system.
  33. NIDPSs are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations.
  34. A (n) IDS works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm.
  35. Among all possible biometrics, iris, fingerprints, retina is (are) considered truly unique.
  36. A false positive is the failure of an IDPS system to react to an actual attack event. False
  37. Most NBA sensors can be deployed in passive mode only, using the same connection methods as network-based IDPSs.
  38. A (n) packet sniffer is a network tool that collects copies of packets from the network and analyzes them.
  39. HIDPSs are also known as system integrity verifiers.
  40. A wireless security toolkit should include the ability to sniff wireless traffic, scan wireless hosts, and assess the level of privacy or confidentiality afforded on the wireless network. True
  41. The crossover error rate is the level at which the number of false rejections equals the false acceptances, also known as the equal error rate.
  42. The monitoring port is also known as a switched port analysis port or mirror port.
  43. A (n) NIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing. False
  44. Minutiae are unique points of reference that are digitized and stored in an encrypted format when the user’s system access credentials are created. True
  45. A fully distributed IDPS control strategy is the opposite of the centralized strategy. True
  46. A (n) network-based IDPS is focused on protecting network information assets.
  47. A (n) log file monitor is similar to a NIDPS. True
  48. To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known signatures in their knowledge base.
  49. A padded cell is a hardened honeynet. False
  50. HIDPSs benchmark and monitor the status of key system files and detect when an intruder creates, modifies, or deletes monitored files.

...

Download as:   txt (5.9 Kb)   pdf (80 Kb)   docx (8.1 Kb)  
Continue for 3 more pages »