Evading IDS, Firewalls and Honeypots
SKILLSET
To engage in malicious activity against networking and computing systems while being undetected by networking security hardware.
Related Questions
- When you implement a network IDS (intrusion detection system), is it best practice to monitor both ingress and egress traffic against attacks and compromise?
- If network utilization exceeds the IDS sensor traffic rating, an acceptable solution is to use additional sensors at key points along the traffic path to allow for the capture of the entire traffic flow in aggregate. True or false?
- If your target network has fully patched machines, except for 1 that has 14 services running and a lot of vulnerabilities in each, this system is likely to be:
- Which countermeasure for a denial of service attack would include filtering out external packets that appear to come from an internal address?
- Snort is a:
- Which tool is good for fingerprinting VPN firewalls?
- You work as a Security Analyst for a retail organization. In securing the company's network, you set up a firewall and an IDS. However, hackers are able to attack the network. After investigating, you discover that your IDS is not configured properly and therefore is unable to trigger alarms when needed. What type of alert is the IDS giving?
- An IDS conducts all of the actions except for which of the following?
- Which type of access control is used on a router or firewall to block/limit network activity?
- To prevent a hacker from using SMB session hijacking, which TCP and UDP ports must be blocked at the firewall?