390 Chapter 16 ■ Evading IDSs, Firewalls, and Honeypots
- An attacker can use to find information about a firewall.
A. Banner grabbing
B. Backdoors
C. Packet mapping
D. NNTP - A is used to attack an IDS.
A. NULL session
B. DoS
C. Shellcode
D. Port scan - Which of the following uses a database of known attacks?
A. Signature file
B. Anomaly
C. Behavior
D. Shellcode - An anomaly-based NIDS is designed to look for what?
A. Patterns of known attacks
B. Deviations from known traffic patterns
C. Log alterations
D. False positives - Multihomed firewall has a minimum of how many network connections?
A. 2
B. 3
C. 4
D. 5 - DMZ is created with which of the following?
A. A firewall and a router
B. A multihomed firewall
C. Two rout e r s
D. A multihomed router - A firewall is used to separate which of the following?
A. Networks
B. Hosts
C. Permissions
D. ACL