MCQOPTIONS
Saved Bookmarks
MCQOPTIONS
This section includes 4 Mcqs, each offering curated multiple-choice questions to sharpen your Computer Networks Questions & Answers Intrusion Detection Systems knowledge and support exam preparation. Choose a topic below to get started.
| 1. |
Which of the following is used to provide a baseline measure for comparison of IDSes? |
| A. | Crossover error rate |
| B. | False negative rate |
| C. | False positive rate |
| D. | Bit error rate |
| Answer» B. False negative rate | |
| 2. |
Semantics-aware signatures automatically generated by Nemean are based on traffic at which two layers? |
| A. | Application layer and Transport layer |
| B. | Network layer and Application layer |
| C. | Session layer and Transport layer |
| D. | Application layer and Session layer |
| Answer» E. | |
| 3. |
IDS follows a two-step process consisting of a passive component and an active component. Which of the following is part of the active component? |
| A. | Inspection of password files to detect inadvisable passwords |
| B. | Mechanisms put in place to reenact known methods of attack and record system responses |
| C. | Inspection of system to detect policy violations |
| D. | Inspection of configuration files to detect inadvisable settings |
| Answer» C. Inspection of system to detect policy violations | |
| 4. |
A false positive can be defined as ________ |
| A. | An alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior |
| B. | An alert that indicates nefarious activity on a system that is not running on the network |
| C. | The lack of an alert for nefarious activity |
| D. | Both An alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior and An alert that indicates nefarious activity on a system that is not running on the network |
| Answer» E. | |