Page 494 - StudyBook.pdf
P. 494

478    Chapter 7 • Topologies and IDS

                  A. Evasion

                  B. IP Fragmentation
                  C. Session splicing
                  D. Session hijacking


              12. You have been asked to explore what would be the best type of IDS to
                  deploy at your company site.Your company is deploying a new program that
                  will be used internally for data mining.The IDS will need to access the data
                  mining application’s log files and needs to be able to identify many types of
                  attacks or suspicious activity.Which of the following would be the best
                  option?

                  A. Network-based that is located in the internal network
                  B. Host-based IDS

                  C. Application-based IDS
                  D. Network-based IDS that has sensors in the DMZ

              13. You are about to install WinDump on your Windows computer.Which of the
                  following should be the first item you install?
                  A. LibPcap

                  B. WinPcap
                  C. IDSCenter
                  D. A honeynet


             14. You must choose what type of IDS to recommend to your company.You need
                 an IDS that can be used to look into packets to determine their composition.
                 What type of signature type do you require?

                  A. File based
                  B. Context-based
                  C. Content-based
                  D. Active











          www.syngress.com
   489   490   491   492   493   494   495   496   497   498   499