Information Security - ch9

A(n) ______ is a software program or hardware appliance that can intercept, copy, and interpret network traffic.

_____ testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by feeding random input to the program or a network running the protocol.

_____ is the action of luring an individual into committing a crime to get a conviction.

_____ applications use a combination of techniques to detect an intrusion and then follow it back to its source.

To determine whether an attack has ocurred or is underway, NIDPSs compare measured activity to known ______ in their knowledge base.

Administrators should encourage users to experiment with hackerware tools as they assist the organization in detecting potential vulnerabilities in the systems.

A fully distributed IDPS control strategy is an IDPS implementation approach in which all control functions are applied at the physical location of each IDPS component.

Intrusion detection and prevention systems can deal effectively with newly published attacks or variants of existing attacks.

Your organization’s operational goals, constraints, and culture should not affect the selection of the IDPS and other security tools and technologies to protect your systems.

In order to determine which IDPS best meets an organization’s needs to consider the system environment, security goals and objectives and the existing security policy.