Kopieren und bearbeiten

IPS

Beschreibung

NSE4 6.0 NSE4 6.0 Quiz am IPS, erstellt von Marcos Avila am 12/09/2018.
Marcos Avila
Quiz von Marcos Avila, aktualisiert more than 1 year ago
Marcos Avila
Erstellt von Marcos Avila vor fast 6 Jahre
73
1
0

Zusammenfassung der Ressource

Frage 1

Frage
A known, confirmed attack Detected when a file or traffic matches a signature pattern: 1- lPS signatures 2- WAF signatures 3- Antivirus signatures Example: Exploit of known application vulnerabilities
Antworten
  • Exploit
  • Anomaly

Frage 2

Frage
Can be zero-day or denial of service attacks (DoS) Detected by behavioral analysis: 1-Rate-based IPS signatures 2-DoS policies 3-Protocol constraints inspection Example: Abnormally high rate of traffic (DoS/flood)
Antworten
  • Exploit
  • Anomaly

Frage 3

Frage
Flow-based detection and blocking :
Antworten
  • Known exploits that match signatures Network errors and protocol anomalies
  • Known exploits and protocol anomalies Network errors that match signatures

Frage 4

Frage
IPS Components‘ IPS signature databases ‘ Protocol decoders IPS engine (Select 3)
Antworten
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol decoders
  • IPS engine databases

Frage 5

Frage
IPS engine (Select 5)
Antworten
  • Application control
  • Anti-virus (flow based)
  • Web filter (flow based)
  • Email filter (flow based)
  • Data Leak Prevention (DLP) (flow based in one-arm sniffer mode)
  • Anti-virus (flow based in one-arm sniffer mode)
  • IPS (flow based)
  • Anti-spam (flow based)

Frage 6

Frage
Decoders parse protocols. lPS signatures find parts of a protocol that don’t conform. For example, too many HTTP headers, or a buffer overflow attempt Unlike proxy-based scans, IPS often does not require IANA standard ports. Automatically selects decoder for protocol at each OSI layer
Antworten
  • What Are Protocol Decoders?
  • What Are Protocol?
  • What Are Decoders?

Frage 7

Frage
IPS packages are updated by FortiGuard. (Select 3)
Antworten
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol
  • IPS databases
  • IPS signature

Frage 8

Frage
Choosing the Signature Database - [blank_start]Regular[blank_end] : Common attacks with fast, certain identification (default action is block) - [blank_start]Extended[blank_end] : Performance-intensive
Antworten
  • Regular
  • Extended

Frage 9

Frage
In fact, because of its size, the extended database is only available for FortiGate models with a smaller disk or RAM. But, for high-security networks, you might be required to enable the extended signatures database.
Antworten
  • True
  • False

Frage 10

Frage
Configuring IPS sensors
Antworten
  • Two ways: Add signatures Add filters
  • Three ways: Add signatures Add filters Add IPS profile in the policy

Frage 11

Frage
IPS Actions (Select 6)
Antworten
  • Pass
  • Monitor
  • Warning
  • Block
  • Reset
  • Default
  • Packet Logging
  • Quarantine

Frage 12

Frage
Which of the following are evaluated first in an lPS sensor?
Antworten
  • A. IPS filter
  • B. IPS signature

Frage 13

Frage
Which IPS component is updated most frequently?
Antworten
  • A. Protocol decoders
  • B. IPS signature database
Zusammenfassung anzeigen Zusammenfassung ausblenden

Möchten Sie mit GoConqr kostenlos Ihre eigenen Quiz erstellen? eigenen Mehr erfahren.

ähnlicher Inhalt

Autenticacion y Control Acceso
Milton Valencia Rincon
FIREWALL
diana moreno
Conceptos de IMAGEN
RAQUEL CUENCA GARCÍA
Purchase -to -Pay Geschäftsprozess
zok42.com
Pädagogik Abitur 2016: Freud
Lena S.
Struktur und Entwicklung der Gegenwartgesellschaft Österreich im Wandel - Fragen
Anita Pitsch
Vetie - Pathologie Fragen aus dem A-Skript
Fioras Hu
Angewandte Sozialpsychologie
Leonie Horn
GESKO A JOUR WS18/19
anna Meyer
Vetie Histopatho 2014
Ann-Kathrin Riedel
Vetie Gerichtliche Veterinärmedizin
Fioras Hu
Bibliothek durchsuchen