IPS

Description

NSE4 6.0 Quiz on IPS, created by Marcos Avila on 12/09/2018.

Resource summary

Question 1

Question
A known, confirmed attack. Detected when a file or traffic matches a signature pattern:
1- IPS signatures
2- WAF signatures
3- Antivirus signatures
Example: Exploit of known application vulnerabilities
Answer
  • Exploit
  • Anomaly

Question 2

Question
Can be zero-day or denial of service (DoS) attacks. Detected by behavioral analysis:
1- Rate-based IPS signatures
2- DoS policies
3- Protocol constraints inspection
Example: Abnormally high rate of traffic (DoS/flood)
Answer
  • Exploit
  • Anomaly

Question 3

Question
Flow-based detection and blocking:
Answer
  • Known exploits that match signatures; network errors and protocol anomalies
  • Known exploits and protocol anomalies; network errors that match signatures

Question 4

Question
IPS components: IPS signature databases, protocol decoders, IPS engine (Select 3)
Answer
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol decoders
  • IPS engine databases

Question 5

Question
IPS engine (Select 5)
Answer
  • Application control
  • Anti-virus (flow based)
  • Web filter (flow based)
  • Email filter (flow based)
  • Data Leak Prevention (DLP) (flow based in one-arm sniffer mode)
  • Anti-virus (flow based in one-arm sniffer mode)
  • IPS (flow based)
  • Anti-spam (flow based)

Question 6

Question
Decoders parse protocols. IPS signatures find parts of a protocol that don't conform, for example, too many HTTP headers, or a buffer overflow attempt. Unlike proxy-based scans, IPS often does not require IANA standard ports. Automatically selects decoder for protocol at each OSI layer.
Answer
  • What Are Protocol Decoders?
  • What Are Protocol?
  • What Are Decoders?

Question 7

Question
IPS packages are updated by FortiGuard. (Select 3)
Answer
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol
  • IPS databases
  • IPS signature

Question 8

Question
Choosing the Signature Database
- Regular: Common attacks with fast, certain identification (default action is block)
- Extended: Performance-intensive
Answer
  • Regular
  • Extended

Question 9

Question
In fact, because of its size, the extended database is only available for FortiGate models with a smaller disk or RAM. But, for high-security networks, you might be required to enable the extended signatures database.
Answer
  • True
  • False

Question 10

Question
Configuring IPS sensors
Answer
  • Two ways: add signatures; add filters
  • Three ways: add signatures; add filters; add IPS profile in the policy

Question 11

Question
IPS Actions (Select 6)
Answer
  • Pass
  • Monitor
  • Warning
  • Block
  • Reset
  • Default
  • Packet Logging
  • Quarantine

Question 12

Question
Which of the following are evaluated first in an IPS sensor?
Answer
  • A. IPS filter
  • B. IPS signature

Question 13

Question
Which IPS component is updated most frequently?
Answer
  • A. Protocol decoders
  • B. IPS signature database