Tutorial test: Intrusion detection basics

Take this test while listening to our Tutorial Webcast on Intrusion Detection Basics.

Passing score is 14 or more questions.

1. Intrusion-detection systems:

a) Monitors people entering and leaving buildings
b) Is a video monitoring system
c) Monitors and alerts on malicious network activity
d) None of the above

2. The two major types of IDS are:

a) Physical and wireless
b) Network and host based
c) Host and device based
d) None of the above

3. Host-based IDS monitors

a) A network segment
b) A device
c) A network segment and one device
d) None of the above

4. Network-based IDS monitors

a) A network segment
b) A device
c) A network segment and one device
d) None of the above

5. A hybrid IDS can be considered the third type of IDS

a) True
b) False

6. IDS management communications consists of

a) People, buildings and property
b) Logging devices
c) In and out of band types
d) None of the above

7. In-band communications allows for a private connection to the logging/alerting device

a) True
b) False

8. Out-of-band communications allows for a private connection to the logging/alerting device

a) True
b) False

9. Private band communications is a valid type of management IDS communications

a) True
b) False

10. The following are IDS detection methods

a) Signature
b) Heuristic
c) Anomaly
d) None of the above
e) All of the above

11. Managed services does not offer IDS support

a) True
b) False

12. Managed services fills the knowledge gap when investigating IDS issues:

a) True
b) False

13. Risk avoidance is the best solution to IDS

a) True
b) False

14. Some IDS issues include:

a) False/Positive issues
b) False Negatives
c) Risk avoidance
d) Tolerant systems
e) A & B only
f) C & D only
g) all of the above
h) None of the above

15. IDS basic rule of thumb

a) No size fits all
b) Any IDS is acceptable
c) IDS must be flexible and scalable
d) Managed services is mandatory for IDS
e) A & C only
f) B & D only
g) All of the above
h) None of the above

16. Methods of connecting IDS to the network include:

a) Tap
b) Span port
c) Hub
d) Mirror switch
e) A & B only
f) C & D only
g) All of the above
h) None of the above

17. TAPS are too difficult for most people to understand

a) True
b) False

18. Forensic examination and simple reports are the same thing

a) True
b) False

19. Laws that apply to IDS

a) HIPPA, GLB, and others
b) FBI, DEA, and others
c) FDIC, OCC, and FDA
d) All of the above
e) None of the above

20. SearchSecurity.com contains education information for IDS

a) True
b) False

To find the answers, click here...