What is a host-based intrusion detection system (HIDS)?

It identifies potential attacks and sends alerts but does not stop the traffic.

It detects and stops potential direct attacks but does not scan for malware.

It is an agentless system that scans files on a host for potential malware.

It combines the functionalities of antimalware applications with firewall protection.

Which statement describes the term attack surface?

It is the total sum of vulnerabilities in a system that is accessible to an attacker.

It is the group of hosts that experiences the same attack.

It is the network interface where attacks originate.

It is the total number of attacks toward an organization within a day.

What can you do to ensure that network operating software remains secure? (Choose three correct answers)

Install patches and updates regularly

Conduct software testing prior to launch

Develop a policy to address application software and operating system updates

Implement data classification standards

MCyber_Chap9

Authored by Marcus Phang

Information Technology (IT)

Professional Development

Used 5+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

15 questions

Show all answers

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which antimalware software approach can recognize various characteristics of known malware files to detect a threat?

Routing-based

Behavior-based

Signature-based

Heuristics-based

Answer explanation

Antimalware programs may detect viruses using three different approaches:
1) Signature-based – by recognizing various characteristics of known malware files
2) Heuristics-based – by recognizing general features shared by various types of malware
3) Behavior-based – through analysis of suspicious activities

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which device in a LAN infrastructure is susceptible to MAC address-table overflow and spoofing attacks?

Firewall

Workstation

Server

Switch

Answer explanation

Switches are LAN infrastructure devices interconnecting endpoints.
They are susceptible to LAN-related attacks including MAC address-table overflow attacks, spoofing attacks, LAN storm attacks, STP manipulation attacks, and VLAN attacks.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

In most host-based security suites, which function provides robust logging of security-related events and sends logs to a central location?

Intrusion detection and prevention

Anti-phishing

Telemetry

Safe browsing

Answer explanation

The telemetry functionality in most host-based security suites provides robust logging functionality and submits logs to a central location for analysis.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which technology might increase the security challenge to the implementation of IoT in an enterprise environment?

CPU processing speed

Data storage

Cloud computing

Network bandwidth

Answer explanation

With cloud computing, boundaries of enterprise networks are expanded to include locations on the Internet for which the enterprises are not responsible.
Malicious software might access the internal network endpoints to attack internal networks.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which statement describes agentless antivirus protection?

Host-based antivirus systems provide agentless antivirus protection.

The antivirus protection is provided by the router that is connected to a cloud service.

The antivirus protection is provided by the ISP.

Antivirus scans are performed on hosts from a centralized system.

Answer explanation

Host-based antivirus protection is also known as agent-based. Agent-based antivirus runs on every protected machine.
Agentless antivirus protection performs scans on hosts from a centralized system.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which HIDS is an open source product?

Tripwire

OSSEC

Cisco AMP

AlienVault USM

Answer explanation

The Open Source HIDS SECurity (OSSEC) software is an open source HIDS that uses a central manager server and agents that are installed on the hosts that are to be monitored.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

In Windows Firewall, when is the Domain profile applied?

When the host accesses the Internet

When the host checks emails from an enterprise email server

When the host is connected to a trusted network such as an internal business network

When the host is connected to an isolated network from the Internet by another security device

Answer explanation

The Domain profile in Windows Firewall configuration is for connections to a trusted network, such as a business network, that is assumed to have an adequate security infrastructure.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

10 questions

RPL - Sesi 2

Quiz

•

Professional Development

20 questions

Fundamentos de Seguridad de la Información

Quiz

•

Professional Development

20 questions

Networking Devices and Protocols Quiz

Quiz

•

Professional Development

20 questions

Structured Cabling and Networking Quiz

Quiz

•

Professional Development

20 questions

La cybersécurité, j’assure … vraiment ?

Quiz

•

Professional Development

20 questions

Exam Prep 2

Quiz

•

Professional Development

16 questions

Exploring Machine Learning Concepts

Quiz

•

Professional Development

10 questions

Microsoft IT Pro Community Meetup - September

Quiz

•

Professional Development

Popular Resources on Wayground

10 questions

5.P.1.3 Distance/Time Graphs

Quiz

•

5th Grade

10 questions

Fire Drill

Quiz

•

2nd - 5th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

15 questions

Hargrett House Quiz: Community & Service

Quiz

•

5th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Information Technology (IT)

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

35 questions

World War Two 8th G

Quiz

•

6th Grade - Professio...

7 questions

DOL REC: Solutions & Solubility Curves

Quiz

•

Professional Development

20 questions

Block Buster Movies

Quiz

•

10th Grade - Professi...

20 questions

NCAA Logo Quiz

Quiz

•

Professional Development

MCyber_Chap9

Which antimalware software approach can recognize various characteristics of known malware files to detect a threat?

Which device in a LAN infrastructure is susceptible to MAC address-table overflow and spoofing attacks?

Switches are LAN infrastructure devices interconnecting endpoints.
They are susceptible to LAN-related attacks including MAC address-table overflow attacks, spoofing attacks, LAN storm attacks, STP manipulation attacks, and VLAN attacks.

In most host-based security suites, which function provides robust logging of security-related events and sends logs to a central location?

The telemetry functionality in most host-based security suites provides robust logging functionality and submits logs to a central location for analysis.

Which technology might increase the security challenge to the implementation of IoT in an enterprise environment?

With cloud computing, boundaries of enterprise networks are expanded to include locations on the Internet for which the enterprises are not responsible.
Malicious software might access the internal network endpoints to attack internal networks.

Which statement describes agentless antivirus protection?

Host-based antivirus protection is also known as agent-based. Agent-based antivirus runs on every protected machine.
Agentless antivirus protection performs scans on hosts from a centralized system.

Which HIDS is an open source product?

The Open Source HIDS SECurity (OSSEC) software is an open source HIDS that uses a central manager server and agents that are installed on the hosts that are to be monitored.

In Windows Firewall, when is the Domain profile applied?

The Domain profile in Windows Firewall configuration is for connections to a trusted network, such as a business network, that is assumed to have an adequate security infrastructure.

What is a host-based intrusion detection system (HIDS)?

Host-intrusion detection system (HIDS) is a software installed on a device or server to monitor suspicious activity and detect malicious requests. Module 9 (Slide 12)

As described by the SANS Institute, which attack surface includes the exploitation of vulnerabilities in wired and wireless protocols used by IoT devices?

Which statement describes the term attack surface?

An attack surface is the total sum of the vulnerabilities in a system that is accessible to an attacker.
The attack surface can consist of open ports on servers or hosts, software that runs on Internet-facing servers, wireless network protocols, and even users.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)

MCyber_Chap9

Which antimalware software approach can recognize various characteristics of known malware files to detect a threat?

Which device in a LAN infrastructure is susceptible to MAC address-table overflow and spoofing attacks?

Switches are LAN infrastructure devices interconnecting endpoints. They are susceptible to LAN-related attacks including MAC address-table overflow attacks, spoofing attacks, LAN storm attacks, STP manipulation attacks, and VLAN attacks.

In most host-based security suites, which function provides robust logging of security-related events and sends logs to a central location?

The telemetry functionality in most host-based security suites provides robust logging functionality and submits logs to a central location for analysis.

Which technology might increase the security challenge to the implementation of IoT in an enterprise environment?

With cloud computing, boundaries of enterprise networks are expanded to include locations on the Internet for which the enterprises are not responsible. Malicious software might access the internal network endpoints to attack internal networks.

Which statement describes agentless antivirus protection?

Host-based antivirus protection is also known as agent-based. Agent-based antivirus runs on every protected machine. Agentless antivirus protection performs scans on hosts from a centralized system.

Which HIDS is an open source product?

The Open Source HIDS SECurity (OSSEC) software is an open source HIDS that uses a central manager server and agents that are installed on the hosts that are to be monitored.

In Windows Firewall, when is the Domain profile applied?

The Domain profile in Windows Firewall configuration is for connections to a trusted network, such as a business network, that is assumed to have an adequate security infrastructure.

What is a host-based intrusion detection system (HIDS)?

Host-intrusion detection system (HIDS) is a software installed on a device or server to monitor suspicious activity and detect malicious requests. Module 9 (Slide 12)

As described by the SANS Institute, which attack surface includes the exploitation of vulnerabilities in wired and wireless protocols used by IoT devices?

Which statement describes the term attack surface?

An attack surface is the total sum of the vulnerabilities in a system that is accessible to an attacker. The attack surface can consist of open ports on servers or hosts, software that runs on Internet-facing servers, wireless network protocols, and even users.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)

Switches are LAN infrastructure devices interconnecting endpoints.
They are susceptible to LAN-related attacks including MAC address-table overflow attacks, spoofing attacks, LAN storm attacks, STP manipulation attacks, and VLAN attacks.

With cloud computing, boundaries of enterprise networks are expanded to include locations on the Internet for which the enterprises are not responsible.
Malicious software might access the internal network endpoints to attack internal networks.

Host-based antivirus protection is also known as agent-based. Agent-based antivirus runs on every protected machine.
Agentless antivirus protection performs scans on hosts from a centralized system.

An attack surface is the total sum of the vulnerabilities in a system that is accessible to an attacker.
The attack surface can consist of open ports on servers or hosts, software that runs on Internet-facing servers, wireless network protocols, and even users.