16.5. Answers to Review Questions

  1. C. An IPS sensor by definition and location in the network can block traffic entering the network.

  2. A. An IDS's primary function is to scan the traffic and perform a deep inspection of its intent.

  3. A. The host-based sensors like HIPS must be written for each OS that it is going to be used on.

  4. C. Network-based sensors are best at defending the whole network segment and the only one that can block traffic is the IPS.

  5. B. A honeypot is put into place so that you can learn what types of attacks are being run. This way you can learn from the attacks and better defend your network.

  6. B. The most common type of scanning is with signatures.

  7. A. A signature microengine SME is used to scan the traffic against a signature and determine ...

Get Cisco® Network Professional's: Advanced Internetworking Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial