IPS

Description

NSE4 6.0 quiz on IPS, created by Marcos Avila on 12-09-2018.

Resource summary

Question 1

Question
A known, confirmed attack. Detected when a file or traffic matches a signature pattern: 1- IPS signatures, 2- WAF signatures, 3- Antivirus signatures. Example: Exploit of known application vulnerabilities.
Answer
  • Exploit
  • Anomaly

Question 2

Question
Can be zero-day or denial of service attacks (DoS). Detected by behavioral analysis: 1- Rate-based IPS signatures, 2- DoS policies, 3- Protocol constraints inspection. Example: Abnormally high rate of traffic (DoS/flood).
Answer
  • Exploit
  • Anomaly

Question 3

Question
Flow-based detection and blocking:
Answer
  • Known exploits that match signatures; network errors and protocol anomalies
  • Known exploits and protocol anomalies; network errors that match signatures

Question 4

Question
IPS Components: IPS signature databases, Protocol decoders, IPS engine (Select 3)
Answer
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol decoders
  • IPS engine databases

Question 5

Question
IPS engine (Select 5)
Answer
  • Application control
  • Anti-virus (flow based)
  • Web filter (flow based)
  • Email filter (flow based)
  • Data Leak Prevention (DLP) (flow based in one-arm sniffer mode)
  • Anti-virus (flow based in one-arm sniffer mode)
  • IPS (flow based)
  • Anti-spam (flow based)

Question 6

Question
Decoders parse protocols. IPS signatures find parts of a protocol that don’t conform. For example, too many HTTP headers, or a buffer overflow attempt. Unlike proxy-based scans, IPS often does not require IANA standard ports. Automatically selects decoder for protocol at each OSI layer.
Answer
  • What Are Protocol Decoders?
  • What Are Protocol?
  • What Are Decoders?

Question 7

Question
IPS packages are updated by FortiGuard. (Select 3)
Answer
  • IPS signature databases
  • Protocol decoders
  • IPS engine
  • IPS Protocol
  • IPS databases
  • IPS signature

Question 8

Question
Choosing the Signature Database
- Regular: Common attacks with fast, certain identification (default action is block)
- Extended: Performance-intensive
Answer
  • Regular
  • Extended

Question 9

Question
In fact, because of its size, the extended database is only available for FortiGate models with a smaller disk or RAM. But, for high-security networks, you might be required to enable the extended signatures database.
Answer
  • True
  • False

Question 10

Question
Configuring IPS sensors
Answer
  • Two ways: add signatures, add filters
  • Three ways: add signatures, add filters, add IPS profile in the policy

Question 11

Question
IPS Actions (Select 6)
Answer
  • Pass
  • Monitor
  • Warning
  • Block
  • Reset
  • Default
  • Packet Logging
  • Quarantine

Question 12

Question
Which of the following are evaluated first in an IPS sensor?
Answer
  • A. IPS filter
  • B. IPS signature

Question 13

Question
Which IPS component is updated most frequently?
Answer
  • A. Protocol decoders
  • B. IPS signature database
