Security – Intrusion Detection MCQs

This set of Operating System Multiple Choice Questions & Answers (MCQs) focuses on “Security – Intrusion Detection”.

1. What are the major components of the intrusion detection system?
a) Analysis Engine
b) Event provider
c) Alert Database
d) All of the mentioned

2. What are the different ways to classify an IDS?
a) anomaly detection
b) signature based misuse
c) stack based
d) all of the mentioned

3. What are the different ways to intrude?
a) Buffer overflows
b) Unexpected combinations and unhandled input
c) Race conditions
d) All of the mentioned

4. What are the different ways to classify an IDS?
a) Zone based
b) Host & Network based
c) Network & Zone based
d) Level based

5. What is the major drawback of anomaly detection IDS?
a) These are very slow at detection
b) It generates many false alarms
c) It doesn’t detect novel attacks
d) None of the mentioned

6. What are the drawbacks of signature based IDS?
a) They are unable to detect novel attacks
b) They suffer from false alarms
c) They have to be programmed again for every new pattern to be detected
d) All of the mentioned

7. What are the characteristics of anomaly based IDS?
a) It models the normal usage of network as a noise characterization
b) It doesn’t detect novel attacks
c) Anything distinct from the noise is not assumed to be intrusion activity
d) It detects based on signature

8. What are the characteristics of signature based IDS?
a) Most are based on simple pattern matching algorithms
b) It is programmed to interpret a certain series of packets
c) It models the normal usage of network as a noise characterization
d) Anything distinct from the noise is assumed to be intrusion activity

9. What are the characteristics of Host based IDS?
a) The host operating system logs in the audit information
b) Logs include logins, file opens and program executions
c) Logs are analysed to detect tails of intrusion
d) All of the mentioned

10. What are the strengths of the host based IDS?
a) Attack verification
b) System specific activity
c) No additional hardware required
d) All of the mentioned

11. What are characteristics of Network based IDS?
a) They look for attack signatures in network traffic
b) Filter decides which traffic will not be discarded or passed
c) It is programmed to interpret a certain series of packets
d) It models the normal usage of network as a noise characterization

12. What are the drawbacks of the host based IDS?
a) Unselective logging of messages may increase the audit burdens
b) Selective logging runs the risk of missed attacks
c) They are very fast to detect
d) They have to be programmed for new patterns

13. What are characteristics of stack based IDS?
a) They are integrated closely with the TCP/IP stack and watch packets
b) The host operating system logs in the audit information
c) It is programmed to interpret a certain series of packets
d) It models the normal usage of network as a noise characterization

14. What are strengths of Network based IDS?
a) Cost of ownership reduced
b) Malicious intent detection
c) Real time detection and response
d) All of the mentioned
