SEC 450 Week 7 Quiz

SEC 450 Week 7 Quiz

                Click Link Below To Buy:

http://hwcampus.com/shop/sec-450-week-7-quiz/

Contact Us:

Hwcoursehelp@gmail.com

 1.           Question :           (TCO 6) The type of IDS signature that triggers on a multiple packet stream is called _________.

                Student Answer:                              atomic

                                                 dynamic

                                                 cyclical

                                                 compound, or composite

                Instructor Explanation:  Compound Signatures require a packet stream for detection

                Points Received:              4 of 4

                Comments:       

 2.           Question :           (TCO 6) Which one of the following is NOT an action that can be performed by the IOS Firewall IDS router when a packet or packet stream matches a signature?

                Student Answer:                              Drop the packet immediately

                                                 Send an alarm to the Cisco IOS router and designated Syslog server

                                                 Set the packet reset flag and forward the packet through

                                                 Block all future data from the source of the attack for a specified time

                Instructor Explanation:  IDS cannot block future traffic for a specified time

                Points Received:              4 of 4

                Comments:       

 3.           Question :           (TCO 6) An IPS sensor that receives a copy of data for analysis while the original data continues toward the destination is running in ________ mode.

                Student Answer:                              passive

                                                 active

                                                 promiscuous

                                                 inline

                Instructor Explanation:  promiscuous mode allows malicious traffic into the network

                Points Received:              4 of 4

                Comments:       

 4.           Question :           (TCO 6) Most IOS commands used to configure an Intrusion Prevention System (IPS) begin with the prefix ___________.

                Student Answer:                              ids ips

                                                 ips ip

                                                 ip ips

                                                 ios ips

                Instructor Explanation:  ip ips is the prefix for almost all commands used in configuring IPS on a Cisco router

                Points Received:              4 of 4

                Comments:       

 5.           Question :           (TCO 6) What is an IDS/IPS Signature?

                Student Answer:                              A message digest encrypted with the senders private key

                                                 A set of rules used to detect typical intrusive activity

                                                 A binary pattern specific to a virus

                                                 An appliance that provides anti-intrusion services

                Instructor Explanation:  A set of rules used to detect typical intrusive activity

                Points Received:              4 of 4

                Comments:       

 6.           Question :           (TCO 6) Which one of the following ip actions will drop the packet and all future packets from this TCP flow?

                Student Answer:                              Deny attacker inline

                                                 Deny connection inline

                                                 Deny ip host inline

                                                 Deny packet inline

                Instructor Explanation:  deny ip connection inline will perform this action

                Points Received:              4 of 4

                Comments: