CYB236 Chapter 7: Intrusion Detection Systems
40 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is an intrusion defined as?

  • Any set of actions that attempt to compromise the integrity of a resource
  • Any set of actions that attempt to compromise the confidentiality of a resource
  • Any set of actions that attempt to compromise the availability of a resource
  • Any set of actions that attempt to compromise the integrity, confidentiality, or availability of a resource (correct)
  • What type of intruder accesses data, programs, or resources for which access is not authorized?

  • Insider
  • Masquerader
  • Clandestine user
  • Misfeasor (correct)
  • What is a type of malicious software?

  • Virus
  • Trojan horse
  • MalWare
  • All of the above (correct)
  • What is a Clandestine user?

    <p>An individual who seizes supervisory control of the system and uses this control to evade auditing and access controls</p> Signup and view all the answers

    What is an example of an intrusion?

    <p>All of the above</p> Signup and view all the answers

    What is a Masquerader?

    <p>An individual who penetrates a system’s access controls to exploit a legitimate user’s account</p> Signup and view all the answers

    What type of intruder is referred to as a hacker or cracker?

    <p>An individual who attacks via communication links</p> Signup and view all the answers

    What is a type of intruder who accesses resources for which access is authorized, but misuses privileges?

    <p>Misfeasor</p> Signup and view all the answers

    What is an example of an intruder's behavior?

    <p>Running a packet sniffer</p> Signup and view all the answers

    What is the primary motivation of hackers?

    <p>Thrill of access and/or status</p> Signup and view all the answers

    What is the purpose of a Denial of Service (DOS) attack?

    <p>To prevent legitimate users from accessing a service</p> Signup and view all the answers

    What is an example of a type of attack that can be countered with an intrusion detection system?

    <p>All of the above</p> Signup and view all the answers

    What is an example of a type of malicious activity?

    <p>Distributing pirated software</p> Signup and view all the answers

    What is the term for a malicious user who uses a fake IP address to send malicious packets?

    <p>Address spoofer</p> Signup and view all the answers

    What is a consequence of benign intruders' actions?

    <p>Slow performance for legitimate users</p> Signup and view all the answers

    What is a type of technology that can help counter hacker threats?

    <p>Virtual private network (VPN) technology</p> Signup and view all the answers

    What is the primary function of Intrusion Detection Systems?

    <p>To provide real-time warning of unauthorized access attempts</p> Signup and view all the answers

    Where are firewalls typically placed?

    <p>On the network perimeter</p> Signup and view all the answers

    What is the purpose of Sensors in IDS?

    <p>To collect data from the network</p> Signup and view all the answers

    What is the function of the Analyzer in IDS?

    <p>To determine if an intrusion has occurred</p> Signup and view all the answers

    What is the input for a sensor in IDS?

    <p>Any part of a system that could contain evidence of an intrusion</p> Signup and view all the answers

    What is the purpose of Reporting in IDS?

    <p>To generate conclusions and act on analysis results</p> Signup and view all the answers

    What do Firewalls allow in IDS?

    <p>Only traffic to legitimate hosts and services</p> Signup and view all the answers

    What is the typical placement of Intrusion Detection Systems?

    <p>Network perimeter</p> Signup and view all the answers

    What is the purpose of the output of an IDS component?

    <p>To indicate that an intrusion has occurred</p> Signup and view all the answers

    What is a key function of the user interface in an IDS?

    <p>To enable users to view output and control the system</p> Signup and view all the answers

    What is a requirement for an IDS to operate?

    <p>Minimal human supervision</p> Signup and view all the answers

    What should an IDS be able to do in case of system crashes?

    <p>Recover and re-initialize</p> Signup and view all the answers

    What is a key security requirement for an IDS?

    <p>Resist subversion</p> Signup and view all the answers

    What is a performance requirement for an IDS?

    <p>Impose a minimal overhead on the system</p> Signup and view all the answers

    What should an IDS be able to do in terms of configuration?

    <p>Be configured according to the security policies of the system</p> Signup and view all the answers

    What should an IDS be able to do in terms of scalability?

    <p>Scale to monitor a large number of hosts</p> Signup and view all the answers

    What is a key feature of modern Intrusion Detection Systems?

    <p>Dynamic reconfiguration</p> Signup and view all the answers

    What is the primary goal of an active response in IDS?

    <p>To drop connections and reconfigure network devices</p> Signup and view all the answers

    What is a benefit of passive response in IDS?

    <p>Lower potential damage costs</p> Signup and view all the answers

    What is the primary purpose of an analysis module in IDS?

    <p>To refine intrusion detection parameters and algorithms</p> Signup and view all the answers

    What is an advantage of using signature detection in IDS?

    <p>It can detect unexpected application services</p> Signup and view all the answers

    What is a common issue with multiple alarm types in IDS?

    <p>Deciding which alarm to investigate</p> Signup and view all the answers

    What is the purpose of an Intrusion Detection System?

    <p>To detect potential intrusions and respond accordingly</p> Signup and view all the answers

    What is an advantage of using anomaly detection in IDS?

    <p>It can detect denial of service attacks</p> Signup and view all the answers

    Use Quizgecko on...
    Browser
    Browser