Security System Deception Tactics

Questions and Answers

PDF Questions PDF Answers

Implementing a Data Loss Prevention strategy can improve the actual security of a system, but not the perceived security.

False

Data Loss Prevention is only concerned with securing data at rest.

False

Raising the perceived risk of a potential intruder being caught is a tactic in Data Loss Prevention.

False

DLP controls are based on a specific type of threat detection.

False

The primary goal of Data Loss Prevention is to reduce the apparent value of the system's worth.

False

There has been a shift in attention and investment from securing the network to securing systems within the network and to securing the data itself.

True

Intrusion deflection is a type of SIEM system that helps coordinate security activity on a network.

False

Analyzing database transaction logs involves examining what SQL statements are executed on the target system.

True

Intrusion deterrence is a type of NIDS deployment strategy that involves placing sensors in a network.

False

SIEM systems are used to detect and respond to threats in real-time.

False

Header signature analysis involves analyzing database transaction logs.

False

NIDS sensors are typically placed in a network to detect and respond to threats.

False

A network-based IDS can monitor network traffic on multiple segments and traffic on other means of communication, such as phone lines, simultaneously.

False

A string signature for a UNIX system might look for a text string that indicates a possible attack, such as "cat " + " >/.rhosts".

True

A port signature involves looking for a text string that indicates a possible attack.

False

A NIDS can capture all network traffic that crosses its network segment by placing the network interface card in normal mode.

False

A header condition signature is used to detect anomalies in network traffic patterns.

False

A compound string signature is used to refine a port signature to reduce the number of false positives.

False