Exam (elaborations)
CCNA Security 210-260 - IPS Exam Questions and Answers (Latest Update 2024)RATED A+
- Course
- Institution
CCNA Security 210-260 - IPS Exam Questions and Answers (Latest Update 2024)RATED A+
[Show more]
Content preview
CCNA Security 210-260 - IPS Exam Questionsand Answers (Latest Update 2024)RATED A+
"Which of the following best describes how an IPS is similar to an IDS?
A. They both prevent malicious traffic from infiltrating the network
B. They both use signatures to detect malicious traffic
C. They both sit in the path of network traffic
D. Neither sits in the path of network traffic" - CORRECT ANSWERS B. They
both use signatures to detect malicious traffic
What is the primary benefit of signature-based detection methods? - CORRECT
ANSWERS The number of false positives generated is typically low
Signature-based detection do not privde adequate protection against ______
attacks? - CORRECT ANSWERS New attackes, because there is a delay
between the time a threat is released and the time a signature is developed to
detect the threat.
What type of devices typically sits inline in the path of network traffic? IDS or IPS? -
CORRECT ANSWERS IPS
Where does Cisco recommend deploying an IPS? Why? - CORRECT ANSWERS
Cisco recommends deploying an IPS on the inside interface of the firewall because,
to prevent the IPS from wasting resources by analyzing traffic that will ultimately be
blocked by the firewall. This allows efficiently analysis of permitted traffic.
What type of network does and IDS use to sniff the network traffic? - CORRECT
ANSWERS An IDS uses a Promiscuous network interface
Why is an IDS unable to prevent malicious traffic from infiltrating the networ? -
CORRECT ANSWERS Because traffic does not flow through an IDS device
What is a action an IDS can take if it detect malicious traffic? - CORRECT
ANSWERS It can alert other netowrk devices in the traffic path so that
further traffic can be blocked.
,CCNA Security 210-260 - IPS Exam Questions
and Answers (Latest Update 2024)RATED A+
A _____ can be configured to send TCP reset notifications? - CORRECT ANSWERS
IDS
A _____ can be configured to send ICMP unreachable message to the source and
destination addresses? - CORRECT ANSWERS IDS
________ devices use rules to detect protocol traffic that does not follow standard
methods of operation. - CORRECT ANSWERS Protocol-Behavior IDS and IPS
What are the Protocol-behavior IDS and IPS rules usually based on? - CORRECT
ANSWERS Request for Comments (RFC) documents that define each
protocol.
Why do Protocol-behavior IDS and IPS have higher rates of false positives? -
CORRECT ANSWERS Sinces there is no way to know for sure whether the
traffic is caused by a malicious user or by a poorly coded application.
Which type of IDS and IPS can detect nonstandard traffic? - CORRECT ANSWERS
Protocol-Behavior IDS and IPS
Which type of IDS and IPS can detect abnormalities in network traffic behavior? -
CORRECT ANSWERS Anomaly-detection IDS and IPS
What must be done before enabling anomaly-detection devices? - CORRECT
ANSWERS Must capture a network baseline reading what normal network
traffic patterns are like
Which type of IDS and IPS have a higher false positive rate, but are capable of
detecting new attacks? - CORRECT ANSWERS Anomaly-detection IDS and
IPS
What does Anomaly-detection IPS and IDS compare network traffic patterns to? -
CORRECT ANSWERS Compare current network patterns to baseline network
pattern
, CCNA Security 210-260 - IPS Exam Questions
and Answers (Latest Update 2024)RATED A+
"Which of the following occurs when an IDS or IPS does not identigy malicious traffic
that enters the network?
A. A False Negative
B. A True Negative
C. A False Positive
D. A True Positive" - CORRECT ANSWERS A. A False Negative
To properly secure an network, you should reduce the number of _______ negatives
as much as possible by fine-tunning IDS and IPS rules, even if more false ____
positives are reported. - CORRECT ANSWERS false negatives, false positives
Which type is worse false negative or false positive and why? - CORRECT
ANSWERS False negative, because malicious traffic may enter a network and
no one will be alerted
When does a false positive occur? - CORRECT ANSWERS When an IDS or IPS
devices identifies nonmalicious traffic as malicious.
What are the adverse effects of a false positive? - CORRECT ANSWERS To
many false positives can overburden a router, and can also burden a network
administrator because false positives must usually be verified as harmless.
What is a true positive? - CORRECT ANSWERS When an IDS or IPS devices
correctly identifies malicious traffic as malicious.
What is a true negative? - CORRECT ANSWERS When an IDS or IPS devices
correctly identifies nonmalicious traffic as harmless.
"Which of the following is a CIsco IPS appliance feature that analyzes normal
network activity to detect hosts that are infected with worms?
A. A signature definition
B. Global Correlation
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller NURSINGGRADER2012. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $17.19. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
82388 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now