Principles and Practice, 3
MULTIPLE CHOICE QUESTIONS:
1. _________ are either individuals or members of a larger group of outsider attackers
who are motivated by social or political causes.
2. A _________ is a security event that constitutes a security incident in which an
intruder gains access to a system without having authorization to do so.
A. intrusion detection
C. criminal enterprise
D. security intrusion
3. A _________ monitors the characteristics of a single host and the events occurring
within that host for suspicious activity.
4. A ________ monitors network traffic for particular network segments or devices and
analyzes network, transport, and application protocols to identify suspicious activity.
5. The ________ is responsible for determining if an intrusion has occurred.
6. __________ involves an attempt to define a set of rules or attack patterns that can be
used to decide if a given behavior is that of an intruder.
A. Profile based detection
B. Signature detection
C. Threshold detection
D. Anomaly detection