Intrusion Prevention Systems (IPS) Quiz

Questions and Answers

What is one of the reasons for the increased volume and sophistication of attacks on organizations?

• Limited attacks against clients and applications
• Reduced interest in high-profile hacks
• Decrease in the use of BYOD and remote workers
• Highly profitable denied-market demand for stolen data (correct)

What has led to the increase in any time, anywhere data consumption?

• Encouragement of BYOD and flexible working environments (correct)
• Decrease in cybercriminal activities
• Strict control over data consumption
• Limited access to sensitive data

What is one of the key requirements for IPS in today's threat landscape?

• Ignoring protocol abnormalities
• Blocking a wider range of threats while minimizing false positives (correct)
• Reducing the security posture
• Only focusing on server-based applications

What does IPS provide through its signatures?

Vulnerability shielding also known as virtual patching (A)

What does IPS better protect in the industrial environment?

ICS and SCADA systems by controlling or restricting access to risky industrial protocols (A)

What motivates cybercriminals to increase the volume and sophistication of their attacks on organizations?

Highly profitable denied market for stolen data (A)

What increases the risk of sensitive data exposure outside corporate boundaries?

BYOD and flexible working environments (C)

What does IPS help to protect against in terms of network intrusions?

Known vulnerability and zero-day exploits (A)

What does IPS support in terms of vulnerability protection?

Major ICS manufacturers to provide vulnerability protection (B)

What does IPS stand for in the context of the text?

Intrusion Prevention System (A)

What is the purpose of IP exemptions in IPS?

To exempt specific hosts from predefined signatures (D)

What is the function of packet logging in IPS?

To save a copy of packets matching any included signatures for later analysis (D)

How does IPS support ICS and SCADA systems better?

By controlling or restricting access to risky industrial protocols (B)

What is the purpose of source quarantine in IPS?

To refuse traffic from attacker's IP-address (C)

What is the role of protocol decoders in IPS?

To understand and expose the structure of industrial protocols (A)

What does parameterized signature support in IPS?

Industrial protocols such as Modbus (D)

What is the primary function of IPS signatures?

To detect known attacks (C)

What is the role of custom signatures in IPS?

To create custom signatures (B)

What is the function of FortiGate flow engine in IPS?

To understand and expose the structure of various industrial protocols (B)