1) List and describe at least four reasons to acquire and use an IDPS. 2) List a

Question

1) List and describe at least four reasons to acquire and use an IDPS.

2) List and describe the three advantages of NIDPSs.

3) List and describe the four advantages of HIDPSs.

4) Describe how hash functions work and what they are used for.

5) Describe symmetric and asymmetric encryptions.

6) Describe digital certificates.

7) List and describe the "Seven Major Sources of Physical Loss”?

8) Explain how a mantrap works.

9) Describe different types of sensors to detect intrusions.

10) What are the major steps in executing the project plan?

11) What minimum attributes for project tasks does the WBS document?

12) What can the organization do by managing the process of change?

13) What functions does the CISO perform?

14) What tasks must be performed when an employee prepares to leave an organization?

15) Describe the concept of separation of duties.

16) Why should agencies monitor the status of their programs?

17) List the four steps to developing a CM plan.

18) List the five domains of the recommended maintenance model.

Explanation / Answer

Q1,Reason to acquire and use IDPS are as follows

a.Network Intrusion Detection and Prevention: It isone of the most common use of IDPS technology which is designed to provide network-wide protection.It would be ideal on a very large network to insert a single IDS or IPS at the gateway sp that it can check all the traffic,but this type of design approach can raise the possibility of reating a bottleneck which would detoriate the overall performance of the network.

b.Host Intrusion Detection and Prevention: Companies add these type of systems to individual devices situated on the network.They monitor This type both inbound and outbound packets

c.Signature-Based Intrusion and Prevention: It is very useful for detecting viruses and other types of malware which may affect the network.

d.Anomaly-Based Intrusion and Prevention:This type of IDPS are always looking for something out of the box. The system continuously scrutinizes network traffic and compares it against an established baseline.

Q2.The advantages of NIDPSs are as follows

a.Good network design and placement of NIDPS can help the organization to use a few devices to monitor large network

b.These are generally passive and can be deployed into existing networks with a small interruption to normal network operations

c.NIDPSs not usually susceptible to direct attack and also it may not be discovered by the attackers.

Q3.The advantages of HIDPSs are as follows

a.HIDPSs can detect local events on host systems and also identify the attacks that may bypass a network-based IDPS

b.Functions on host system, where encrypted traffic are decrypted and are also available for further processing

c.Not affected by use of switched network protocols

d.Can detect imbalance on how applications and systems programs were used by examining records which are being stored in audit logs

Q4.The hash function is used to find the original value and to use later each time the data associated with the value is to be retrieved. So basically hashing is a one way operation. There's no need to calculate back the hash function by analyzing the hashed values.

It is used for cryptography and other purposes.

Related Questions

Navigate

• Browse (All)
• Browse 1
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.