Computer Science Engineering (CSE) Exam  >  Computer Science Engineering (CSE) Tests  >  Computer Networks  >  Test: Intrusion Detection Systems - Computer Science Engineering (CSE) MCQ

Test: Intrusion Detection Systems - Computer Science Engineering (CSE) MCQ


Test Description

10 Questions MCQ Test Computer Networks - Test: Intrusion Detection Systems

Test: Intrusion Detection Systems for Computer Science Engineering (CSE) 2024 is part of Computer Networks preparation. The Test: Intrusion Detection Systems questions and answers have been prepared according to the Computer Science Engineering (CSE) exam syllabus.The Test: Intrusion Detection Systems MCQs are made for Computer Science Engineering (CSE) 2024 Exam. Find important definitions, questions, notes, meanings, examples, exercises, MCQs and online tests for Test: Intrusion Detection Systems below.
Solutions of Test: Intrusion Detection Systems questions in English are available as part of our Computer Networks for Computer Science Engineering (CSE) & Test: Intrusion Detection Systems solutions in Hindi for Computer Networks course. Download more important topics, notes, lectures and mock test series for Computer Science Engineering (CSE) Exam by signing up for free. Attempt Test: Intrusion Detection Systems | 10 questions in 10 minutes | Mock test for Computer Science Engineering (CSE) preparation | Free important questions MCQ to study Computer Networks for Computer Science Engineering (CSE) Exam | Download free PDF with solutions
Test: Intrusion Detection Systems - Question 1

Which of the following is an advantage of anomaly detection?

Detailed Solution for Test: Intrusion Detection Systems - Question 1

Answer: c
Explanation: Once a protocol has been built and a behavior defined, the engine can scale more quickly and easily than the signature-based model because a new signature does not have to be created for every attack and potential variant.

Test: Intrusion Detection Systems - Question 2

A false positive can be defined as…

Detailed Solution for Test: Intrusion Detection Systems - Question 2

Answer: d
Explanation: A false positive is any alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior.

1 Crore+ students have signed up on EduRev. Have you? Download the App
Test: Intrusion Detection Systems - Question 3

One of the most obvious places to put an IDS sensor is near the firewall. Where exactly in relation to the firewall is the most productive placement?

Detailed Solution for Test: Intrusion Detection Systems - Question 3

Answer: a
Explanation: There are legitimate political, budgetary and research reasons to want to see all the “attacks” against your connection, but given the care and feeding any IDS requires, do yourself a favor and keep your NIDS sensors on the inside of the firewall.

Test: Intrusion Detection Systems - Question 4

What is the purpose of a shadow honeypot?

Detailed Solution for Test: Intrusion Detection Systems - Question 4

Answer: c
Explanation: “Shadow honeypots,” as researchers call them, share all the same characteristics of protected applications running on both the server and client side of a network and operate in conjunction with an ADS.

*Multiple options can be correct
Test: Intrusion Detection Systems - Question 5

 At which two traffic layers do most commercial IDSes generate signatures?

Detailed Solution for Test: Intrusion Detection Systems - Question 5

Answer: b, d
Explanation: Most commercial IDSes generate signatures at the network and transport layers.

Test: Intrusion Detection Systems - Question 6

An IDS follows a two-step process consisting of a passive component and an active component. Which of the following is part of the active component?

Detailed Solution for Test: Intrusion Detection Systems - Question 6

Answer: b
Explanation: Second component of mechanisms are set in place to reenact known methods of attack and to record system responses.

Test: Intrusion Detection Systems - Question 7

When discussing IDS/IPS, what is a signature?

Detailed Solution for Test: Intrusion Detection Systems - Question 7

Answer: b
Explanation: IDSes work in a manner similar to modern antivirus technology. They are constantly updated with attack-definition files (signatures) that describe each type of known malicious activity.

*Multiple options can be correct
Test: Intrusion Detection Systems - Question 8

“Semantics-aware” signatures automatically generated by Nemean are based on traffic at which two layers?

Detailed Solution for Test: Intrusion Detection Systems - Question 8

Answer: a, c
Explanation: Nemean automatically generates “semantics-aware” signatures based on traffic at the session and application layers.

Test: Intrusion Detection Systems - Question 9

Which of the following is used to provide a baseline measure for comparison of IDSes?

Detailed Solution for Test: Intrusion Detection Systems - Question 9

Answer: a
Explanation: As the sensitivity of systems may cause the false positive/negative rates to vary, it’s critical to have some common measure that may be applied across the board.

Test: Intrusion Detection Systems - Question 10

Which of the following is true of signature-based IDSes?

Detailed Solution for Test: Intrusion Detection Systems - Question 10

Answer: d
Explanation: They are constantly updated with attack-definition files (signatures) that describe each type of known malicious activity. They then scan network traffic for packets that match the signatures, and then raise alerts to security administrators.

21 videos|107 docs|66 tests
Information about Test: Intrusion Detection Systems Page
In this test you can find the Exam questions for Test: Intrusion Detection Systems solved & explained in the simplest way possible. Besides giving Questions and answers for Test: Intrusion Detection Systems, EduRev gives you an ample number of Online tests for practice

Up next

21 videos|107 docs|66 tests
Download as PDF

Up next