Module 9 - Security Technology: Intrusion Detection and
Prevention Systems and Other Security Tools questions with
verified answers
_________ benchmark and monitor the status of key system files and detect
when an intruder creates, modifies, or deletes monitored files. Ans✓✓✓ HIDPSs
__________ is the action of luring an individual into committing a crime to get a
conviction. Ans✓✓✓ Entrapment
A hardened honeypot is also known as a protected cell system. (T/F) Ans✓✓✓
False
A HIDPS is also known as a system validity verifier. (T/F) Ans✓✓✓ False
A packet _________ is a software or hardware appliance that can intercept, copy,
and interpret network traffic. Ans✓✓✓ Sniffer
A passive IDPS response is a definitive action automatically initiated when certain
types of alerts are triggered. (T/F) Ans✓✓✓ False
A passive vulnerability scanner is one that initiates traffic on the network in order
to determine security holes. (T/F) Ans✓✓✓ False
A(n) ________ IDPS is focused on protecting network information assets.
Ans✓✓✓ network-based
, A(n) ______________ -based IDPS resides on a particular computer or server and
monitors activity only on that system. Ans✓✓✓ host
A(n) monitoring vulnerability scanner is one that listens in on the network and
determines vulnerable versions of both server and client software. (T/F)
Ans✓✓✓ False
A(n) NIPDS functions on the host system, where encrypted traffic will have been
decrypted and is available for processing. (T/F) Ans✓✓✓ False
A(n) partially distributed IDPS control strategy combines the best of other IDPS
strategies. (T/F) Ans✓✓✓ True
Activities that scan networks for active systems and then identify the network
services offered by the host systems are known as __________. Ans✓✓✓
fingerprinting
Administrators should encourage users to experiment with hackerware tools as
they assist the organization in detecting potential vulnerabilities in the systems.
(T/F) Ans✓✓✓ False
Alarm __________ and compaction is a consolidation of almost identical alarms
that happen at close to the same time into a single higher-level alarm. Ans✓✓✓
clustering
Alarm filtering and compaction is the process of grouping almost identical alarms
that occur nearly at the same time into a single higher-level alarm. (T/F) Ans✓✓✓
False
Prevention Systems and Other Security Tools questions with
verified answers
_________ benchmark and monitor the status of key system files and detect
when an intruder creates, modifies, or deletes monitored files. Ans✓✓✓ HIDPSs
__________ is the action of luring an individual into committing a crime to get a
conviction. Ans✓✓✓ Entrapment
A hardened honeypot is also known as a protected cell system. (T/F) Ans✓✓✓
False
A HIDPS is also known as a system validity verifier. (T/F) Ans✓✓✓ False
A packet _________ is a software or hardware appliance that can intercept, copy,
and interpret network traffic. Ans✓✓✓ Sniffer
A passive IDPS response is a definitive action automatically initiated when certain
types of alerts are triggered. (T/F) Ans✓✓✓ False
A passive vulnerability scanner is one that initiates traffic on the network in order
to determine security holes. (T/F) Ans✓✓✓ False
A(n) ________ IDPS is focused on protecting network information assets.
Ans✓✓✓ network-based
, A(n) ______________ -based IDPS resides on a particular computer or server and
monitors activity only on that system. Ans✓✓✓ host
A(n) monitoring vulnerability scanner is one that listens in on the network and
determines vulnerable versions of both server and client software. (T/F)
Ans✓✓✓ False
A(n) NIPDS functions on the host system, where encrypted traffic will have been
decrypted and is available for processing. (T/F) Ans✓✓✓ False
A(n) partially distributed IDPS control strategy combines the best of other IDPS
strategies. (T/F) Ans✓✓✓ True
Activities that scan networks for active systems and then identify the network
services offered by the host systems are known as __________. Ans✓✓✓
fingerprinting
Administrators should encourage users to experiment with hackerware tools as
they assist the organization in detecting potential vulnerabilities in the systems.
(T/F) Ans✓✓✓ False
Alarm __________ and compaction is a consolidation of almost identical alarms
that happen at close to the same time into a single higher-level alarm. Ans✓✓✓
clustering
Alarm filtering and compaction is the process of grouping almost identical alarms
that occur nearly at the same time into a single higher-level alarm. (T/F) Ans✓✓✓
False
