Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Arkusz Danych Pobierz pdf (Strona 12)

642 -531

Leading the way in IT testing and certification tools, www.testking.com

- 12 -

Section 3: Describe the relationship between vulnerabilities and

exploits (2 questions)

QUESTION NO: 1

Which of the following is typical of profile-based, or anomaly-based, intrusion

detection?

A Normal network activity is easily defined

B It is most applicable to environments with unpredictable traffic patterns

C It is prone to a high number of false positive alarms

D Signatures match patterns of malicious activity

Answer: C

Page 3-14 CSIDS Courseware under Profile-based Intrusion Detection

Prone to high number of false positives - Difficult to define "normal" activity

QUESTION NO: 2

An anonymous person has posted a tool on a public website that can cause Cisco DSL

routers to reboot.

What term describes how this tool is used to leverage the weakness in the Cisco DSL

routers?

A. Vulnerability

B. Exploit

C. Rootkit

D. Exposure

Answer: B

Explanation:

Exploits activity—Indicative of someone attempting to gain access or compromise systems on

your network, such as Back Orifice, failed login attempts, and TCP hijacking

Reference: Cisco Intrusion Detection System - Cisco Secure Intrusion Detection System

1 2 ... 7 8 9 10 11 12 13 14 15 16 17 ... 167 168

Brak uwag

Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Arkusz Danych Strona 12