CYB236 Chapter 7: Intrusion Detection Systems

IntelligentJasper852

40 Questions

What is a consequence of an unattended workstation being used by an intruder?

Consumption of resources and slowed performance

What is the primary motivation of hackers?

Thrill of access and/or status

What is the goal of a Denial of Service (DOS) attack?

To prevent legitimate users of a service from using that service

What is an intrusion defined as?

Any set of actions that attempt to compromise the integrity, confidentiality, or availability of a resource

What is a Masquerader?

An individual who is not authorized to use the computer and who penetrates a system’s access controls to exploit a legitimate user’s account

What is an example of a malicious user using a fake IP address?

Address spoofing

What is a Clandestine user?

An individual who seizes supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection

What is the purpose of an Intrusion Prevention System (IPS)?

To detect intrusions

What is a Misfeasor?

A legitimate user who accesses data, programs, or resources for which such access is not authorized

What is an example of a type of malicious software?

Virus

What is a reason why an unsecured modem can be a security risk?

It can be used to access internal networks

What is an Insider attack?

An attack by a person with authorized access to the system

What is a Cracker?

Malicious software that attacks a system

What is the term for organized groups of hackers?

Criminal hackers

What is a type of Insider attack?

All of the above

What is a common target of criminal hackers on e-commerce servers?

Credit card files

What is a Hacker?

A person who attacks a system via communication links

Why are insider attacks particularly challenging to detect and prevent?

Because employees have access and knowledge of systems

What can be used to detect and prevent insider attacks?

IDS / IPS systems, enforcement of least privilege, monitoring of logs, and strong authentication

What motivates insiders to carry out attacks?

Revenge or entitlement

What should sensitive data be protected with?

Encryption

What is a security incident where an intruder gains unauthorized access to a system?

Security intrusion

What is a common characteristic of criminal hackers?

They act quickly once they penetrate a system

Why are IDS / IPS systems less effective against criminal hackers?

They are less effective against targeted attacks

What is the primary purpose of an Intrusion Detection System?

To detect and provide warnings of unauthorized access attempts

What is the primary function of a Sensor in an IDS?

To collect data from the network and forward it to the analyzer

What is the role of an Analyzer in an IDS?

To determine if an intrusion has occurred

What type of input can a Sensor receive in an IDS?

Any part of a system that could contain evidence of an intrusion

What is the purpose of the Reporting function in an IDS?

To generate conclusions and act on analysis results

What is the primary difference between an IDS and a Firewall?

IDS detects attacks, while Firewalls prevent them

What is the primary benefit of using an IDS in addition to a Firewall?

To add an additional layer of security

What are the three logical components of an IDS?

Sensors, Analyzers, and Reporters

What is the primary purpose of the output of an IDS component?

To indicate that an intrusion has occurred

What is a key characteristic of an IDS's user interface?

It may be equivalent to a manager, director, or console component

Which of the following is NOT a requirement for an IDS?

It must be able to predict future intrusions

What is the primary purpose of an IDS's ability to resist subversion?

To ensure the IDS can monitor itself and detect modifications

What is the consequence of an IDS's ability to provide graceful degradation of service?

If some components of the IDS stop working, the rest will be affected as little as possible

What is a key benefit of an IDS's ability to adapt to changes in system and user behavior over time?

It can better respond to changing security threats

What is a key requirement for an IDS in terms of its operation?

It must be able to run continually with minimal human supervision

What is the primary purpose of an IDS's ability to be configured according to the security policies of the system being monitored?

To ensure the IDS is aligned with the system's security policies

Test your knowledge of intrusion detection systems, including types of IDS, attacks, and behaviors. Learn about the basic components and requirements of IDS, as well as classification and techniques.
