QUESTION 1
A host-based IDPS scrutinizes an organization’s network data traffic by searching for matching patterns in known signatures, such as preconfigured and predetermined attack schemas.
True
False
0.10000 points
QUESTION 2
A network IDPS detects more categories of attacks than a host-based IDPS because it does not necessitate complex configurations and extensive maintenance programs.
True
False
0.10000 points
QUESTION 3
A(n) ______________________ gathers statistical summaries by observing traffic that is perceived or known to be normal.
0.10000 points
QUESTION 4
A(n) ______________________ classifies IDPS attack notifications by sorting or distinguishing actual attacks from false positives.
0.10000 points
QUESTION 5
In a properly designed system, a(n) _________________ event does not elevate to an incident level because legitimate incidents and activities would not be wrongfully reported.
0.10000 points
QUESTION 6
An IDPS or IPS automated response system, known as a(n) _____________, combines its resources to detect intrusions and then trail those intrusions back to their source.
0.10000 points
QUESTION 7
An application IDPS examines application event abnormalities by reviewing files that are created by applications with the intent of identifying anomalous occurrences, invalid file executions, excessive user authorization, or problematic interactions between the users, application, and data.
True
False
0.10000 points
QUESTION 8
A(n) _____________________ reduces an organization’s administrative overhead and the total number of generated notifications because it consolidates identical warnings into a single higher-level notice.
0.10000 points
QUESTION 9
It is ill-advised for an organization to assign its patch management responsibility to its Incident Response Team (IRT) because these endeavors are challenging, time-intensive functions that necessitate a high degree of expertise and cannot be delayed while the IRT responds to other incidents.
True
False
0.10000 points
QUESTION 10
An after-action review serves as an invaluable learning tool for an organization’s response teams because it acts as a training tool for current and future team members by enabling them to observe what historical incidents occurred, what actions were performed, and whether these actions were effective in mitigating the incident.
True
False
0.10000 points
QUESTION 11
When deploying a(n) ____________________ within the interior of a firewall, this component mandates that all traffic passes through the system before reporting back to the network-based IDPS.
0.10000 points
QUESTION 12
Precursors are an indicator that an adverse event is underway and is highly probable to become an incident, whereas an indicator is a sign that an observed activity is a signal that an incident will probably occur in the future.
True
False
0.10000 points
QUESTION 13
A(n) _______________________ occurs when legitimate incidents fail to receive attention and go unreported.
0.10000 points
QUESTION 14
The CSIRT that is responsible for handling multiple specific physical or logical segments of responses within an organization is a(n) ____________________________.
0.10000 points
QUESTION 15
When an adverse event becomes an authentic threat to a business’s operation, it is categorized as an incident; therefore, an incident candidate is a process of evaluating circumstances that will involve those events.
True
False
0.10000 points
QUESTION 16
A(n) _________________________ is a triggered alarm that causes an IDPS to react as if a genuine attack were occurring.
0.10000 points
QUESTION 17
A(n) ______________________ process enables the NIDPS to identify patterns of attacks by comparing existing activity measurements to known signatures and determine whether an attack has or may have occurred.
0.10000 points
QUESTION 18
A(n) ____________________ is an event that causes false positives or triggers alarms when no actual attacks are in progress.
0.10000 points
QUESTION 19
A(n) ___________________________ is a formal or informal group of information technology and information security personnel who are tasked with securing an organization’s information assets by detecting and preventing attacks to its assets.
0.10000 points
QUESTION 20
The responsibilities and functions of the CSIRT are not useful when there is a need to compare previous baselines against current performance levels because an organization’s technology, information systems, and perceived threat levels are unchangeable.
True
False
0.10000 points
QUESTION 21
When an organization observes that its network traffic has exceeded its measured and established baseline values, this is an indicator that an incident candidate is present. Under these circumstances, these occurrences are categorized with an unexpected time probable indicator.
True
False
0.10000 points
QUESTION 22
The CSIRT that provides advice and guidance to other organizational teams but has no direct or immediate authority over the teams it advises is a(n) ____________________________.
0.10000 points
QUESTION 23
An anomaly-based IDPS periodically samples network activities to establish a baseline and then measures events that surpass the established parameter; this excess activity is known as a(n) ___________________.
0.10000 points
QUESTION 24
The primary responsibility for an organization’s management team and its leadership is to deal with unexpected situations and more importantly to reestablish the organization’s information system posture and the security of its information assets.
True
False
0.10000 points
QUESTION 25
An Incident Response Team (IRT) assumes the responsibility for intrusion detection functions within an organization because other response teams are challenged with other critical tasks and do not have sufficient time, expertise, or resources to accomplish the goal.
True
False
0.10000 points
QUESTION 26
The benefit of an HIDPS is that it maintains its file logs that are useful when an attacker successfully attempts to mask its tracks by modifying its registry and produces its own independent audit of the attack.
True
False
0.10000 points
QUESTION 27
A valid packet that exploits poorly configured DNS servers by introducing false information with the intent of corrupting server responses to queries from other network systems is an attack example of a(n) ________________________.
0.10000 points
QUESTION 28
A system resource that is placed into a functional system but has no normal use in the system is known as a(n) ________________________.
0.10000 points
QUESTION 29
System and network administrators will often use a(n) _______________ to scan their organization’s internal computers and networks to determine which vulnerabilities a hacker can see.
0.10000 points
QUESTION 30
A(n) ____________________ will indicate that an incident may be in progress when an organization has properly installed and configured the IDPS.
0.10000 points