IPS

Description

NSE4 6.0 Quiz on IPS, created by Marcos Avila on 12/09/2018.

Resource summary

Question 1

Question
A known, confirmed attack. Detected when a file or traffic matches a signature pattern: 1- IPS signatures, 2- WAF signatures, 3- Antivirus signatures. Example: exploit of known application vulnerabilities.
Answer
  • Exploit
  • Anomaly

Question 2

Question
Can be zero-day or denial of service (DoS) attacks. Detected by behavioral analysis: 1- Rate-based IPS signatures, 2- DoS policies, 3- Protocol constraints inspection. Example: abnormally high rate of traffic (DoS/flood).
Answer
  • Exploit
  • Anomaly

Question 3

Question
Flow-based detection and blocking:
Answer
  • Known exploits that match signatures; network errors and protocol anomalies
  • Known exploits and protocol anomalies; network errors that match signatures

Question 4

Question
IPS components: IPS signature databases, protocol decoders, IPS engine (Select 3)
Answer
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol decoders
  • IPS engine databases

Question 5

Question
IPS engine (Select 5)
Answer
  • Application control
  • Anti-virus (flow based)
  • Web filter (flow based)
  • Email filter (flow based)
  • Data Leak Prevention (DLP) (flow based in one-arm sniffer mode)
  • Anti-virus (flow based in one-arm sniffer mode)
  • IPS (flow based)
  • Anti-spam (flow based)

Question 6

Question
Decoders parse protocols. IPS signatures find parts of a protocol that don't conform, for example, too many HTTP headers or a buffer overflow attempt. Unlike proxy-based scans, IPS often does not require IANA standard ports. Automatically selects the decoder for the protocol at each OSI layer.
Answer
  • What Are Protocol Decoders?
  • What Are Protocol?
  • What Are Decoders?

Question 7

Question
IPS packages are updated by FortiGuard. (Select 3)
Answer
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol
  • IPS databases
  • IPS signature

Question 8

Question
Choosing the signature database. Regular: common attacks with fast, certain identification (default action is block). Extended: performance-intensive.
Answer
  • Regular
  • Extended

Question 9

Question
In fact, because of its size, the extended database is only available for FortiGate models with a smaller disk or RAM. But, for high-security networks, you might be required to enable the extended signatures database.
Answer
  • True
  • False

Question 10

Question
Configuring IPS sensors
Answer
  • Two ways: add signatures, add filters
  • Three ways: add signatures, add filters, add IPS profile in the policy

Question 11

Question
IPS Actions (Select 6)
Answer
  • Pass
  • Monitor
  • Warning
  • Block
  • Reset
  • Default
  • Packet Logging
  • Quarantine

Question 12

Question
Which of the following are evaluated first in an IPS sensor?
Answer
  • A. IPS filter
  • B. IPS signature

Question 13

Question
Which IPS component is updated most frequently?
Answer
  • A. Protocol decoders
  • B. IPS signature database