Intrusion Defense School Entrance Exam

Intrusion Defense School Begin the first lesson: Webcast: Intrusion defense: How to keep the perimeter secure Article: The role of key technologies in intrusion defense Return to Intrusion Defense School

1. Which of these technologies does Unified Threat Management (UTM) complement?

1. Antispam
2. Antiphishing
3. Antivirus
4. Compliance

2. What type of intrusion defense tool specifically looks for malware propagation signs and uses that information to help isolate infected systems?

1. NBAD systems
2. Desktop antivirus
3. Perimeter antivirus
4. Intrusion detection systems

3. Intrusion defense is predicated on what technology?

1. SIM/SEM
2. IDS
3. IPS
4. Firewall

4. Rate-based IPSes are also marketed as what?

1. Bandwidth management tools
2. DoS and DDoS defense tools
3. NBAD systems
4. Content filtering tools

5. In-line antivirus scanners, typically incorporated into firewalls, look at what kind of traffic?

1. Incoming and outgoing SMTP traffic
2. Mail protocol (POP and IMAP) traffic
3. Web (HTTP) traffic
4. All of the above

6. Why haven't NBAD systems become a popular means of catching spam when they could do so in much the same way they can detect phishing attacks?

1. Damage to the user as a result of spam is not considered significant.
2. Tools that specifically target spam have already become widely used.
3. The NBAD system can't tell the difference between spam and phishing attacks.
4. Phishing, in terms of identity theft, is considered an end-user problem, where spam can have a greater impact on bandwidth and affect the enterprise.

7. What role do both reputation-based and heuristic-based antivirus scanners play in an enterprise antivirus strategy?

1. They replace traditional virus scanners.
2. They are adjuncts to traditional virus scanners.
3. The technologies have not yet developed to the point of making them a viable part of an AV strategy.

8. Which of the following is true of firewalls/UTM?

1. Firewalls/UTM are as effective as an edge e-mail security appliance at catching viruses.
2. Firewalls/UTM are as effective as an edge proxy server at catching spyware.
3. Firewalls/UTM catch infected systems by behavioral anomaly.
4. Firewalls/UTM fail to catch threats that "go around" other devices.

9. Which of the following technologies can you depend on unified threat management to provide?

1. Antispam
2. Content filtering
3. Compliance
4. Intrusion prevention

10. Which of the following is a drawback to in-line antivirus scanners?

1. Performance issues make it nearly impossible to scan all traffic coming into all ports.
2. They look at only incoming and outgoing SMTP traffic.
3. Because they are not as flexible or reliable as standalone AV, they are not worth the effort to deploy.
4. None of the above.

Check your score

SearchSecurity.com members who attend all five 20-minute Intrusion Defense School webcasts receive a certificate of completion. CISSPs and SSCPs are also eligible to earn CPE credits from (ISC)².

BROWSE BY TAG Intrusion Defense School,   Basics of network security intrusion defense,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Basics of network security intrusion defense Joel Snyder's introduction to network perimeter defenses Intrusion Defense School Final Exam

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary