Review Questions 389
Review Questions
- An HIDS is used to monitor activity on which of the following?
A. Network
B. Application
C. Log file
D. Host- Which of the following can be used to identify a firewall?
A. Search engines
B. E-mail
C. Port scanning
D. Google hacking- An NIDS is based on technology similar to which of the following:
A. Packet sniffing
B. Privilege escalation
C. Enumeration
D. Backdoor- Which of the following can be used to evade an IDS?
A. Packet sniffing
B. Port scanning
C. Enumeration
D. Encryption- Altering a checksum of a packet can be used to do what?
A. Send an RST
B. Send a URG
C. Reset a connection
D. Evade an NIDS- Firewalking is done to accomplish which of the following?
A. Find the configuration of an NIDS
B. Find the configuration of an HIDS
C. Uncover a honeypot
D. Analyze a firewall