Q&A Hero

Question

Match the following terms to the appropriate definition.
a. Active intrusion detection f. Inspector
b. Alert g. IDS
c. Auditor h. Passive intrusion detection
d. Decoy i. Trap
e. Filter j. Trigger
1/ Setting up ways to detect and record intrusion attempts, without taking action
2/ A message sent to an administrator about a specific operating system event
3/ Used to attract attackers
4/ Used to detect and report possible network and computer system intrusions
5/ Sends an alert to an administrator or takes an action to block an attack
6/ Records specific situations that an administrator wants to be warned about
7/ Tracks a wide range of data and events related to an operating system
8/ Performs a specific function when a predefined situation occurs
9/ A viewing capability that enables you to display only specific events
10/ Examines captured data and determines if there has been an intrusion

Answer

This answer is hidden. It contains 31 characters.

Related questions

Q: List eight server monitoring functions that can be viewed using the Netware MONITOR command.
Q: What two useful tools does NetWare offers to view user connections?
Q: What five things do inspectors typically look for?
Q: List four third-party active intrusion-detection tools.
Q: Network-based intrusion-detection software is used on a computer or network device and typically places the NIC on that device in ____________________ mode.
Q: Can the version of Network Monitor that comes with Windows Server 2003 capture and read the contents of any frames transported on the network segment to which the host computer is connected?
Q: In Windows 2000 Server, is it necessary to install Network Monitor and Network Monitor Driver separately?
Q: In the event log, a notice that a service has started would be indicated with what type of symbol? a. A blue "i" displayed in a white comment bubble b. A black "!" that appears on a yellow caution symbol c. A white "x" that appears inside a red circle d. A red "x" that appears inside a white circle
Q: What are the three principle event logs in Windows 2000 Server and Windows Server 2003? a. System, Security, Application b. System, Security, Directory Service c. System, Directory Service, DNS d. Security, Directory Service, Application
Q: What type of computer is placed on a network to attract attackers?a. Dummy b. Honeypot c. Faked. Both a and be. Both b and c
Q: Which type of IDS looks for excessive use of a computer's resources, such as the CPU or memory?a. Passive b. Network-based c. Inspectord. Auditor
Q: Which active intrusion-detection tool monitors for intruders and can take action on the basis of preestablished security policies?a. Entercept b. Symantec Intruder Alert c. SecureHostd. Storm Watch
Q: Which of the following options is a common approach to intrusion detection?a. Archive b. System-based c. Host-basedd. Both a and be. Both b and c
Q: SYSCON is a Server Console command that is carried forward from earlier versions of NetWare. _________________________
Q: Network-based intrusion-detection software is categorized as host wrappers or host-based agents.
Q: Active intrusion detection is effective as long as the server or network administrator regularly checks the logs and recorded information for possible intrusion attempts.
Q: Other than encapsulation, what three other functions does a MAC controller perform?
Q: What five options are available for UPS configuration in Power Options on a Windows 2000 computer?
Q: What are the five different types of backups that the Windows Server 2003 backup tool enables you to perform?
Q: In Netware, ____________________ is used to back up the NDS database and eDirectory.
Q: In UNIX/Linux, ____________________ is a binary backup that creates a mirror image of a disk onto the backup medium, such as a tape or CD-R/CD-RW.
Q: Which of the following is not an advantage of hardware RAID? a. Faster read and write response b. More expensive to implement c. The ability to hot swap a failed disk with one that works d. More setup options to retrieve damaged data and to combine different RAID levels
Q: When using RAID level 1, how much of the disk space is used for redundancy?a. 25% b. 33% c. 50%d. 66%
Q: The figure above is an example of what type of fault tolerance?a. Disk mirroring b. Disk duplexing c. Disk stripingd. Disk partitioning
Q: In Red Hat Linux 9.x, what should be used to communicate with a UPS? a. /etc/sysconfig/ups file b. /sbin/powerd utility c. UPS manufacturer's configuration software d. UPS Manager utility
Q: What type of connection does a UPS use to communicate with a computer?a. Serial b. Parallel c. Networkd. Electrical
Q: In Windows Server 2003, all three RAID levels support FAT and NTFS formatted disks. _________________________
Q: RAID is a set of standards for lengthening disk life and preventing data loss.
Q: DFS is configured using the Distributed File System tool in the Administrative Tools menu in Windows 2000 Server.
Q: Authentication makes data unintelligible to everyone except its intended recipients. _________________________

Subjects

Accounting Anthropology Archaeology Art History Banking Biology & Life Science Business Business Communication Business Development Business Ethics Business Law Chemistry Communication Computer Science Counseling Criminal Law Curriculum & Instruction Design Earth Science Economic Education Engineering Finance History & Theory Humanities Human Resource International Business Investments & Securities Journalism Law Management Marketing Medicine Medicine & Health Science Nursing Philosophy Physic Psychology Real Estate Science Social Science Sociology Special Education Speech Visual Arts