Copy and Edit

IPS

Description

NSE4 6.0 NSE4 6.0 Quiz on IPS, created by Marcos Avila on 12/09/2018.
Marcos Avila
Quiz by Marcos Avila, updated more than 1 year ago
Marcos Avila
Created by Marcos Avila almost 6 years ago
73
1
0

Resource summary

Question 1

Question
A known, confirmed attack Detected when a file or traffic matches a signature pattern: 1- lPS signatures 2- WAF signatures 3- Antivirus signatures Example: Exploit of known application vulnerabilities
Answer
  • Exploit
  • Anomaly

Question 2

Question
Can be zero-day or denial of service attacks (DoS) Detected by behavioral analysis: 1-Rate-based IPS signatures 2-DoS policies 3-Protocol constraints inspection Example: Abnormally high rate of traffic (DoS/flood)
Answer
  • Exploit
  • Anomaly

Question 3

Question
Flow-based detection and blocking :
Answer
  • Known exploits that match signatures Network errors and protocol anomalies
  • Known exploits and protocol anomalies Network errors that match signatures

Question 4

Question
IPS Components‘ IPS signature databases ‘ Protocol decoders IPS engine (Select 3)
Answer
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol decoders
  • IPS engine databases

Question 5

Question
IPS engine (Select 5)
Answer
  • Application control
  • Anti-virus (flow based)
  • Web filter (flow based)
  • Email filter (flow based)
  • Data Leak Prevention (DLP) (flow based in one-arm sniffer mode)
  • Anti-virus (flow based in one-arm sniffer mode)
  • IPS (flow based)
  • Anti-spam (flow based)

Question 6

Question
Decoders parse protocols. lPS signatures find parts of a protocol that don’t conform. For example, too many HTTP headers, or a buffer overflow attempt Unlike proxy-based scans, IPS often does not require IANA standard ports. Automatically selects decoder for protocol at each OSI layer
Answer
  • What Are Protocol Decoders?
  • What Are Protocol?
  • What Are Decoders?

Question 7

Question
IPS packages are updated by FortiGuard. (Select 3)
Answer
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol
  • IPS databases
  • IPS signature

Question 8

Question
Choosing the Signature Database - [blank_start]Regular[blank_end] : Common attacks with fast, certain identification (default action is block) - [blank_start]Extended[blank_end] : Performance-intensive
Answer
  • Regular
  • Extended

Question 9

Question
In fact, because of its size, the extended database is only available for FortiGate models with a smaller disk or RAM. But, for high-security networks, you might be required to enable the extended signatures database.
Answer
  • True
  • False

Question 10

Question
Configuring IPS sensors
Answer
  • Two ways: Add signatures Add filters
  • Three ways: Add signatures Add filters Add IPS profile in the policy

Question 11

Question
IPS Actions (Select 6)
Answer
  • Pass
  • Monitor
  • Warning
  • Block
  • Reset
  • Default
  • Packet Logging
  • Quarantine

Question 12

Question
Which of the following are evaluated first in an lPS sensor?
Answer
  • A. IPS filter
  • B. IPS signature

Question 13

Question
Which IPS component is updated most frequently?
Answer
  • A. Protocol decoders
  • B. IPS signature database
Show full summary Hide full summary

Want to create your own Quizzes for free with GoConqr? Learn more.

Similar

Autenticacion y Control Acceso
Milton Valencia Rincon
FIREWALL
diana moreno
Conceptos de IMAGEN
RAQUEL CUENCA GARCÍA
Italian: Basics
Selam H
Psychology A1
Ellie Hughes
GCSE Physics Revision notes
Megan McDonald
GCSE AQA Biology 1 Nerves & Hormones
Lilac Potato
HEMORRAGIAS - OBST PATOLOGICA
María José Alvarez Gazzano
1PR101 2.test - Část 6.
Nikola Truong
Legislative Branch
Mr. Vakhovsky
Core 1.12 Timbers blank test
T Andrews
Browse Library