CIS 359 STUDY Extraordinary Success /cis359study.com CIS 359 STUDY Extraordinary Success /cis359study.c | Page 18

early warning about new attack and exploitation trends; and can allow
in-depth examination of adversaries during and after exploitation.
Question 10
Using a process known as ____, network-based IDPSs look for attack
patterns by comparing measured activity to known signatures in their
knowledge base to determine whether or not an attack has occurred or
may be under way.
Question 11
In an attack known as ____, valid protocol packets exploit poorly
configured DNS servers to inject false information to corrupt the
servers’ answers to routine DNS queries from other systems on that
network.
Question 12
The use of IDPS sensors and analysis systems can be quite complex.
One very common approach is to use an open source software
program called ____ running on an open source UNIX or Linux
system that can be managed and queried from a desktop computer
using a client interface.
Question 13
The ____ approach for detecting intrusions is based on the frequency
with which certain network activities take place.
Question 14
A(n) ____ , a type of IDPS that is similar to the NIDPS, reviews the
log files generated by servers, network devices, and even other IDPSs.
Question 15
The ____ is a federal law that creates a general prohibition on the
realtime monitoring of traffic data relating to communications.
Question 16