ch 7 review questions

Jennifer Rudan
Chapter 7 Review Questions
SRA 111

1. An IDPS is most like a burglar alarm in that when it detects an intrusion, it sounds an alarm. They are also similar in that the alarm might be a sound, a light (or visual alarm), or a silent notification. They also run like burglar alarms because they can be configured to notify an outside service and configured as to the amount of detection to use.

2. A false positive is when the IDPS detects an intrusion when it in fact is not an intrusion. A false negative is when an intrusion comes through and the IDPS does not detect its presence. From a security perspective, the least desirable would be a false negative because there was a breach to the network's security and it could lead to many problems.

3. A network IDPS protects network information assets while a host-based IDPS protects the server or host's information assets. A host-based IDPS monitors an individual computer or server.

4. A signature-based IDPS examines data traffic for patterns that match signatures from preconfigured and predetermined attack patterns. Meanwhile, a behavior-based IDPS collects data from normal traffic and establishes a baseline. If an activity occurs outside of these guidelines, then the alarm is set off.
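The following Python sketch is an added example, not part of the original answers. It runs a signature-based and a behavior-based detector (answer 4) over the same constructed events and counts the false positives and false negatives (answer 2) each one produces. The signatures, baseline rates, threshold rule and events are all assumptions made for illustration.

```python
import re
from statistics import mean, stdev

# Hypothetical signatures: preconfigured patterns of known attacks.
SIGNATURES = [re.compile(r"union\s+select", re.I), re.compile(r"\.\./")]

# Constructed baseline: requests per minute observed during normal traffic.
BASELINE_RATES = [10, 12, 14, 11, 13, 15, 12, 13]

# Constructed events: (requests_per_minute, payload, is_actually_an_attack)
EVENTS = [
    (12, "GET /index.html", False),
    (14, "GET /search?q=student union select committee", False),
    (13, "GET /item?id=1 UNION SELECT password FROM users", True),
    (400, "POST /login", True),               # high-rate login attempts
    (250, "GET /backup/archive.tar", False),  # legitimate bulk backup job
    (11, "GET /files?name=../../etc/passwd", True),
]

def signature_alert(payload):
    """Alert when the payload matches any preconfigured signature."""
    return any(sig.search(payload) for sig in SIGNATURES)

def make_behavior_detector(rates, k=3.0):
    """Learn a baseline and alert on rates above mean + k standard deviations."""
    threshold = mean(rates) + k * stdev(rates)
    return lambda rate: rate > threshold

def score(alerts, events):
    """Compare alerts with ground truth and count both kinds of error."""
    pairs = list(zip(alerts, events))
    fp = sum(1 for alerted, (_, _, attack) in pairs if alerted and not attack)
    fn = sum(1 for alerted, (_, _, attack) in pairs if attack and not alerted)
    return {"false_positives": fp, "false_negatives": fn}

behavior_alert = make_behavior_detector(BASELINE_RATES)
SIG_RESULT = score([signature_alert(p) for _, p, _ in EVENTS], EVENTS)
BEH_RESULT = score([behavior_alert(r) for r, _, _ in EVENTS], EVENTS)

if __name__ == "__main__":
    print("signature-based:", SIG_RESULT)
    print("behavior-based: ", BEH_RESULT)
```

The signature detector misses the high-rate login traffic because no signature describes it, while the behavior detector misses the two low-rate attacks because their request rates sit inside the baseline.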