Tutorial test: Intrusion detection basics

Passing score is 14 or more questions.

1. Intrusion-detection systems:

a) Monitors people entering and leaving buildings
b) Is a video monitoring system
c) Monitors and alerts on malicious network activity
d) None of the above

2. The two major types of IDS are:

a) Physical and wireless
b) Network and host based
c) Host and device based
d) None of the above

3. Host-based IDS monitors

a) A network segment
b) A device
c) A network segment and one device
d) None of the above

4. Network-based IDS monitors

a) A network segment
b) A device
c) A network segment and one device
d) None of the above

5. A hybrid IDS can be considered the third type of IDS

a) True
b) False

6. IDS management communications consists of

a) People, buildings and property
b) Logging devices
c) In and out of band types
d) None of the above

7. In-band communications allows for a private connection to the logging/alerting device

a) True
b) False

8. Out-of-band communications allows for a private connection to the logging/alerting device

a) True
b) False

9. Private band communications is a valid type of management IDS communications

a) True
b) False

10. The following are IDS detection methods

a) Signature
b) Heuristic
c) Anomaly
d) None of the above
e) All of the above

11. Managed services does not offer IDS support

a) True
b) False

12. Managed services fills the knowledge gap when investigating IDS issues:

a) True
b) False

13. Risk avoidance is the best solution to IDS

a) True
b) False

14. Some IDS issues include:

a) False/Positive issues
b) False Negatives
c) Risk avoidance
d) Tolerant systems
e) A & B only
f) C & D only
g) all of the above
h) None of the above

15. IDS basic rule of thumb

a) No size fits all
b) Any IDS is acceptable
c) IDS must be flexible and scalable
d) Managed services is mandatory for IDS
e) A & C only
f) B & D only
g) All of the above
h) None of the above

16. Methods of connecting IDS to the network include:

a) Tap
b) Span port
c) Hub
d) Mirror switch
e) A & B only
f) C & D only
g) All of the above
h) None of the above

17. TAPS are too difficult for most people to understand

a) True
b) False

18. Forensic examination and simple reports are the same thing

a) True
b) False

19. Laws that apply to IDS

a) HIPPA, GLB, and others
b) FBI, DEA, and others
c) FDIC, OCC, and FDA
d) All of the above
e) None of the above

20. SearchSecurity.com contains education information for IDS

a) True
b) False

To find the answers, click here...

Rate this Tip To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member. BROWSE BY TAG Network Intrusion Detection (IDS),   Network Intrusion Detection and Analysis,   Enterprise Network Security,   Fun with Security,   VIEW ALL TAGS Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Network Intrusion Detection (IDS) Preventing SQL injection attacks: A network admin's perspective Lifecycle of a network security vulnerability Best Intrusion Prevention and Detection Products Rogue AP containment methods SIMs tools and tactics for business intelligence IPS and IDS deployment strategies Know when you need IDS, IPS or both Trend Micro to acquire Third Brigade for virtualization, cloud security New product aims to control rogue applications that avoid firewalls How to perform a network forensic analysis and investigation Network Intrusion Detection (IDS) Research Fun with Security Do you speak geek: Respecting the letter of the law Do you speak geek: All hail e-mail! Summer security quiz: Are you ready to go on vacation? Quiz: Compliance Passwords: Do you speak Geek? Festive Season: Do you speak Geek? Learn IT: How spam affects e-mail marketing campaigns Infosec Know IT All Trivia: Securing Web services Infosec Know IT All Trivia: IPsec Infosec Know IT All Trivia: Intrusion detection RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary computer forensics  (SearchSecurity.com) Diffie-Hellman key exchange  (SearchSecurity.com) Einstein  (SearchSecurity.com) HIDS/NIDS  (SearchSecurity.com) network behavior analysis  (SearchSecurity.com) ultrasound  (SearchSecurity.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.