Chapter 2 - IT Security - Pre Quiz

To prevent all cyber attacks

To detect a wide range of security violations

To encrypt network traffic

To manage network bandwidth

Lower cost

More detailed logging

Wider range of detection

Easier deployment

It must be placed where outbound packets are invisible

It must be placed where inbound and outbound packets are visible

It must be placed after encryption points

It must be placed only at network endpoints

Pattern Matching

Stateful Pattern Matching

Protocol Decode based analysis

Heuristic based analysis (based on practical experience and knowledge)

Early detection

Deterrence

Network acceleration

Future improvement through information collection

More detailed logging

Lower cost of deployment

Better detection of unknown attacks

Increased recovery capabilities

High network performance

Easy configuration

Very granular policy setting

No need for updates

IPS is older technology

IPS is reactive while IDS is proactive

IPS is proactive while IDS tends to be reactive

They are exactly the same

Buffer overflow attacks

SQL injection

DoS attacks

Man-in-the-middle attacks

Inline IDS

Deceptive Applications

Hybrid Switches

Network-based application IDS