Term

Q1 What is an IPS signature? Options: A) It is a set of rules used to detect typical intrusive activity. B) It is the authorization that is required to implement a security policy. C) It is the timestamp that is applied to logged security events and alarms. D) It is a security script that is used to detect unknown threats.

Definition

Answer: A) It is a set of rules used to detect typical intrusive activity.

Term

Q2 Which network technology uses a passive splitting device that forwards all traffic, including Layer 1 errors, to an analysis device? Options: A) Network tap B) SNMP C) IDS D) NetFlow

Definition

Answer: A) Network tap

Term

Q3 What is a characteristic of an IPS operating in inline-mode? Options: A) It can stop malicious traffic from reaching the intended target. B) It requires the assistance of another network device to respond to an attack. C) It can only send alerts and does not drop any packets. D) It does not affect the flow of packets in forwarded traffic.

Definition

Answer: A) It can stop malicious traffic from reaching the intended target.