Which of the following is a direct Intrusion Detection System (IDS) data source
Question
Which of the following is a direct Intrusion Detection System (IDS) data source for analysis?
Operating System event logs
Network packets
Network flow information generated by routers about network traffic
Syslog data
Question 2
5 / 5 pts
What is the de-facto industry standard for Software Defined Networking (SDN) controller-to-element communication?
DiffServ
SNMP
OpenFlow
TLS
Question 3 (Incorrect)
0 / 5 pts
Which type of Intrusion Detection & Prevention Systems (IDPS) monitors for deviations based on knowledge gathered over time of normal usage patterns of users and systems?
Knowledge-based
Behavior-based
Host-based
Network-based
Question 4 (Incorrect)
0 / 5 pts
Which network performance measure is the amount of data that can be transferred over network per unit time?
Latency (delay)
Quality of Service (QoS)
Throughput (capacity)
Jitter (variability)
Question 5 (Incorrect)
0 / 5 pts
Which Intrusion Detection Systems (IDS) architecture component performs some action in response to detected attack?
Traffic Collector
Director
Agents
Notifiers
Question 6
5 / 5 pts
Which Intrusion Detection Systems (IDS) architecture component obtains information from multiple sources to perform time-based correlation to derive more significant actions?
Notifiers
Director
Traffic Collector
Agents
Question 7
5 / 5 pts
Which of the following is a marketing perspective of Software Defined Networking (SDN) and not necessarily SDN in reality?
way to eliminate all human error and more than 65% of operational costs
technology giving programmers more control over network equipment
approach with potential to make some improvements in network configuration
approach with potential to make some improvements in network management
Question 8 (Incorrect)
0 / 5 pts
Which of the following is True about Packet Filter Firewall?
Cannot do reliable analysis of layer 4 or higher content
Can reconstruct layer 4 traffic in addition to Layer 3 reassembly
Leverage basic network stack functionality to sanitize application level traffic
Firewall software runs in application space on firewall
Question 9
5 / 5 pts
Which Intrusion Detection Systems (IDS) architecture component is responsible for gathering activity and event data for analysis?
Director
Agents
Notifiers
Traffic Collector
Question 10
5 / 5 pts
Which of the following is NOT a motivation for moving to Software Defined Networking (SDN)?
Automate and unify network-wide configuration
Change from cross-layer to per-layer control
Move from proprietary to open standards
Switch from element management to network management especially in support of virtualization used in data centers
Question 11
5 / 5 pts
Which of the following is NOT a goal of Firewalls?
Separate networks with differing security requirements including Internet from internal network and wherever internal networks have varying security requirements
Protect against outside attackers from offensive Web sites & potential hackers
Insert network security by wrapping or interposing filters on network traffic
Provide computers on internal networks with malicious and unnecessary Internet traffic
Question 12
5 / 5 pts
Which of the following is True about Packet Filter Firewall?
Can reconstruct layer 4 traffic in addition to Layer 3 reassembly
Firewall software runs in application space on firewall
Blocks traffic based on source & destination address, ports & protocols
Leverage basic network stack functionality to sanitize application level traffic
Question 13 (Incorrect)
0 / 5 pts
Which type of Intrusion Detection & Prevention Systems (IDPS) detects activity taking place on network or specific segment of network?
Host-based
Knowledge-based
Behavior-based
Network-based
Question 14
5 / 5 pts
Firewalls are not needed to secure home networks, just corporate networks.
True
False
Question 15
5 / 5 pts
Which of the following is an Intrusion Handling Eradication activity?
Gather information about attacker
Use Honeypots to observe attacks
Tighten firewalls
Gather evidence & take action against attacker
Question 16 (Incorrect)
0 / 5 pts
Which of the following is a direct Intrusion Detection System (IDS) data source for analysis?
Syslog data
System calls
Network flow information generated by routers about network traffic
Operating System event logs
Question 17 (Incorrect)
0 / 5 pts
Which of the following is True about Application Proxy Firewall?
Traffic source is unaware of proxy
Leverage basic network stack functionality to sanitize application level traffic
Operates at Layer 3 in router or HW firewall
Can reconstruct layer 4 traffic in addition to Layer 3 reassembly
Question 18 (Incorrect)
0 / 5 pts
Which of the following is not a purpose of Port Scanning?
Scan all ports on system to find out which ports open with services running behind them
Detect & correct undesired behavior
Generate report listing services & vulnerabilities present on system to help decide which nonessential services can be disabled
Performed regularly to compare results against baseline data to ensure nonessential services have not been unknowingly enabled
Question 19
5 / 5 pts
Which of the following is True about Stateful Packet Filter Firewall?
Firewall software runs in application space on firewall
Can reconstruct layer 4 traffic in addition to Layer 3 reassembly
Leverage basic network stack functionality to sanitize application level traffic
Operates at Layer 3 in router or HW firewall
Question 20 (Incorrect)
0 / 5 pts
ZigBee complies with IEEE 802.15.4 as wireless mesh network used primarily for Internet of Things (IoT). Which of the following is NOT part of ZigBee protocol stack?
TCP
UDP
IPv6
HTTP
Quiz Score: 55 out of 100
Explanation / Answer
Answers:
1) Which of the following is a direct Intrusion Detection System (IDS) data source for analysis?
Operating System event logs
Network packets
Network flow information generated by routers about network traffic
Syslog data
Answer:
Network packets are a direct Intrusion Detection System (IDS) data source for analysis.
An IDS detects potentially harmful and malicious network packets.
2) What is the de-facto industry standard for Software Defined Networking (SDN) controller-to-element communication?
DiffServ
SNMP
OpenFlow
TLS
Answer:
OpenFlow is the industry standard for Software Defined Networking (SDN) controller-to-element communication, and is considered one of the first SDN standards.