Ch 11 Ethical Hacker Pro Review Questions and Answers
1 view 0 purchase
Course
Ethical Hacking
Institution
Ethical Hacking
An IT technician receives an IDS alert on the company network she manages. A seemingly random user now has administration privileges in the system, some files are missing, and other files seem to have just been created. Which of the following alerts did this technician receive? True positive
An ID...
Ch 11 Ethical Hacker Pro Review
Questions and Answers
An IT technician receives an IDS alert on the company network she manages. A
seemingly random user now has administration privileges in the system, some files are
missing, and other files seem to have just been created. Which of the following alerts
did this technician receive? ✅True positive
An IDS can perform many types of intrusion detections. Three common detection
methods are signature-based, anomaly-based, and protocol-based. Which of the
following best describes protocol-based detection? ✅This detection method can
include malformed messages and sequencing errors.
Which of the following IDS detection types compare behavior to baseline profiles or
network behavior baselines? ✅Anomaly-based
What are the two types of Intrusion Detection Systems (IDSs)? ✅HIDS and NIDS
You are on a Windows system. You receive an alert that a file named MyFile.txt.exe
had been found. Which of the following could this indicate? ✅Host-based IDS
Which of the following is a sign of a network-based intrusion? ✅New or unusual
protocols and services running.
ARP, DNS, and IP are all examples of which of the following? ✅Spoofing methods
An attacker conducts a normal port scan on a host and detects protocols used by a
Windows operating system and protocols used by a Linux operating system. Which of
the following might this indicate? ✅A honeypot
Which of the following is another name for the signature-based detection method?
✅Misuse detection
Ping of death, teardrop, SYN flood, Smurf, and fraggle are all examples of which of the
following? ✅DoS attack types
Robin, an IT technician, has implemented identification and detection techniques based
on the ability to distinguish legitimate traffic from illegitimate traffic over the network.
Which of the following is he trying to achieve? ✅Defend the network against IDS
evasions.
When it comes to obfuscation mechanisms, nmap has the ability to generate decoys,
meaning that detection of the actual scanning system becomes much more difficult.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller twishfrancis. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $8.99. You're not tied to anything after your purchase.
