Evading IDS, Firewalls and Honeypots
To engage in malicious activity against networking and computing systems while being undetected by networking security hardware.
- If your network has one IPS device and one IDS device, where should each be placed in your network? (Select all that apply.)
- Which of these would initiate countermeasures against security breach attempts:
- One way to defeat multi-layered security solutions is to leak data via what?
- Which of the following blocks unauthorized access from a public network?
- A recently hired network security analyst at a bank was given the responsibility to perform daily scans of the internal network to look for unauthorized devices. The employee decides to write a script that will scan the network for unauthorized devices every morning at 5:00 am. Which language would be best for accomplishing this task?
- James, an intern, has been reading about vulnerability assessments and penetration testing and asks you for the definition of a honeypot. What do you tell him?
- A hacker breaks down an attack into various packets and they pass through the IDS. However, when reassembled at the receiving system, they compromise the host. This is an example of ______.
- You work as a Security Analyst for a retail organization. In securing the company's network, you set up a firewall and an IDS. However, hackers are able to attack the network. After investigating, you discover that your IDS is not configured properly and therefore is unable to trigger alarms when needed. What type of alert is the IDS giving?
- If the IDS reports a stream of packets to be all right, but in fact they contain malicious data, you would call this:
- Packet Filter firewalls on the ______ Layer of the OSI model.