This section includes 12 MCQs: curated multiple-choice questions to sharpen your knowledge of Operating System Security (Intrusion Detection) and support exam preparation.
| 1. |
What are characteristics of Network based IDS? |
| A. | They look for attack signatures in network traffic |
| B. | Filter decides which traffic will not be discarded or passed |
| C. | It is programmed to interpret a certain series of packet |
| D. | It models the normal usage of network as a noise characterization |
| Answer» B. Filter decides which traffic will not be discarded or passed | |
| 2. |
What are characteristics of stack based IDS? |
| A. | They are integrated closely with the TCP/IP stack and watch packets |
| B. | The host operating system logs in the audit information |
| C. | It is programmed to interpret a certain series of packets |
| D. | It models the normal usage of network as a noise characterization |
| Answer» B. The host operating system logs in the audit information | |
| 3. |
What are the strengths of the host based IDS? |
| A. | Attack verification |
| B. | System specific activity |
| C. | No additional hardware required |
| D. | All of the mentioned |
| Answer» E. | |
| 4. |
What are the drawbacks of the host based IDS? |
| A. | Unselective logging of messages may increase the audit burdens |
| B. | Selective logging runs the risk of missed attacks |
| C. | They are very fast to detect |
| D. | They have to be programmed for new patterns |
| Answer» B. Selective logging runs the risk of missed attacks | |
| 5. |
What are the characteristics of Host based IDS? |
| A. | The host operating system logs in the audit information |
| B. | Logs include logins, file opens and program executions |
| C. | Logs are analysed to detect tails of intrusion |
| D. | All of the mentioned |
| Answer» E. | |
| 6. |
What are the drawbacks of signature based IDS? |
| A. | They are unable to detect novel attacks |
| B. | They suffer from false alarms |
| C. | They have to be programmed again for every new pattern to be detected |
| D. | All of the mentioned |
| Answer» E. | |
| 7. |
What are the characteristics of signature based IDS? |
| A. | Most are based on simple pattern matching algorithms |
| B. | It is programmed to interpret a certain series of packets |
| C. | It models the normal usage of network as a noise characterization |
| D. | Anything distinct from the noise is assumed to be intrusion activity |
| Answer» B. It is programmed to interpret a certain series of packets | |
| 8. |
What is the major drawback of anomaly detection IDS? |
| A. | These are very slow at detection |
| B. | It generates many false alarms |
| C. | It doesn't detect novel attacks |
| D. | None of the mentioned |
| Answer» C. It doesn't detect novel attacks | |
| 9. |
What are the characteristics of anomaly based IDS? |
| A. | It models the normal usage of network as a noise characterization |
| B. | It doesn't detect novel attacks |
| C. | Anything distinct from the noise is not assumed to be intrusion activity |
| D. | It detects based on signature |
| Answer» B. It doesn't detect novel attacks | |
| 10. |
What are the different ways to classify an IDS? |
| A. | anomaly detection |
| B. | signature based misuse |
| C. | stack based |
| D. | all of the mentioned |
| Answer» E. | |
| 11. |
What are the major components of the intrusion detection system? |
| A. | Analysis Engine |
| B. | Event provider |
| C. | Alert Database |
| D. | All of the mentioned |
| Answer» E. | |
| 12. |
What are the different ways to intrude? |
| A. | Buffer overflows |
| B. | Unexpected combinations and unhandled input |
| C. | Race conditions |
| D. | All of the mentioned |
| Answer» E. | |