Principles of Information Security, 4th Ed.,Chapter 7

18 terms by idrive140mph 

Create a new folder

Advertisement Upgrade to remove ads

Whitman and Mattord

___are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations.

NIDPSs

___is a specially configured connection on a network device that is capable of viewing all of the traffic that moves through the entire device.

SPAN

Most NBA sensors can be deployed in___mode only, using the same connection methods as network-based IDPSs.

passive

___are decoy systems designed to lure potential attackers away from critical systems.

Honeypots

___sensors are typically intended for network perimeter use, so they would be deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall.

Inline

A___is a network tool that collects copies of packets from the network and analyzes them.

packet sniffer

___testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by feeding random input to the program or a network running the protocol.

Fuzz

Using___, the system reviews the log files generated by servers, network devices, and even other IDPSs.

LFM (log file monitor)

A(n)___is a proposed systems user.

supplicant

The port commonly used for the HTTP protocol:

80

A(n)___works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm.

IDS

___is based on the use of some measurable human characteristic or trait to authenticate the identity of a proposed systems user.

Biometric access control

In TCP/IP networking, port___is not used.

0 (zero)

___is the process of classifying IDPS alerts so that they can be more effectively managed.

Alarm filtering

___is an event that triggers an alarm when no actual attack is in progress.

False attack stimulus

___benchmark and monitor the status of key system files and detect when an intruder creates, modifies, or deletes monitored files.

HIDPSs

To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known___in their knowledge base.

signatures

Activities that scan network locales for active systems and then identify the network services offered by the host systems is known as___.

fingerprinting

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set