Copiar e Editar

IPS

Descrição

NSE4 6.0 NSE4 6.0 Quiz sobre IPS, criado por Marcos Avila em 12-09-2018.
Marcos Avila
Quiz por Marcos Avila, atualizado more than 1 year ago
Marcos Avila
Criado por Marcos Avila mais de 7 anos atrás
81
1
0

Resumo de Recurso

Questão 1

Questão
A known, confirmed attack Detected when a file or traffic matches a signature pattern: 1- lPS signatures 2- WAF signatures 3- Antivirus signatures Example: Exploit of known application vulnerabilities
Responda
  • Exploit
  • Anomaly

Questão 2

Questão
Can be zero-day or denial of service attacks (DoS) Detected by behavioral analysis: 1-Rate-based IPS signatures 2-DoS policies 3-Protocol constraints inspection Example: Abnormally high rate of traffic (DoS/flood)
Responda
  • Exploit
  • Anomaly

Questão 3

Questão
Flow-based detection and blocking :
Responda
  • Known exploits that match signatures Network errors and protocol anomalies
  • Known exploits and protocol anomalies Network errors that match signatures

Questão 4

Questão
IPS Components‘ IPS signature databases ‘ Protocol decoders IPS engine (Select 3)
Responda
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol decoders
  • IPS engine databases

Questão 5

Questão
IPS engine (Select 5)
Responda
  • Application control
  • Anti-virus (flow based)
  • Web filter (flow based)
  • Email filter (flow based)
  • Data Leak Prevention (DLP) (flow based in one-arm sniffer mode)
  • Anti-virus (flow based in one-arm sniffer mode)
  • IPS (flow based)
  • Anti-spam (flow based)

Questão 6

Questão
Decoders parse protocols. lPS signatures find parts of a protocol that don’t conform. For example, too many HTTP headers, or a buffer overflow attempt Unlike proxy-based scans, IPS often does not require IANA standard ports. Automatically selects decoder for protocol at each OSI layer
Responda
  • What Are Protocol Decoders?
  • What Are Protocol?
  • What Are Decoders?

Questão 7

Questão
IPS packages are updated by FortiGuard. (Select 3)
Responda
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol
  • IPS databases
  • IPS signature

Questão 8

Questão
Choosing the Signature Database - [blank_start]Regular[blank_end] : Common attacks with fast, certain identification (default action is block) - [blank_start]Extended[blank_end] : Performance-intensive
Responda
  • Regular
  • Extended

Questão 9

Questão
In fact, because of its size, the extended database is only available for FortiGate models with a smaller disk or RAM. But, for high-security networks, you might be required to enable the extended signatures database.
Responda
  • True
  • False

Questão 10

Questão
Configuring IPS sensors
Responda
  • Two ways: Add signatures Add filters
  • Three ways: Add signatures Add filters Add IPS profile in the policy

Questão 11

Questão
IPS Actions (Select 6)
Responda
  • Pass
  • Monitor
  • Warning
  • Block
  • Reset
  • Default
  • Packet Logging
  • Quarantine

Questão 12

Questão
Which of the following are evaluated first in an lPS sensor?
Responda
  • A. IPS filter
  • B. IPS signature

Questão 13

Questão
Which IPS component is updated most frequently?
Responda
  • A. Protocol decoders
  • B. IPS signature database

Quer criar seus próprios Quizzes gratuitos com a GoConqr? Saiba mais.

Semelhante

FIREWALL
diana moreno
Autenticacion y Control Acceso
Milton Valencia Rincon
Conceptos de IMAGEN
RAQUEL CUENCA GARCÍA
Explore a Biblioteca