An _________ ___________ involves taking an action based on an attack or threat
A response generated in real time.
Active response
DLP
Data loss prevention
A physical and logical depiction of your network that includes methods, security, and technologies
Security topology
Is the raw information that the IDS or IPS uses to detect suspicious activity.
Data Source
An ______ _________ can technically be used for either a wired or wireless connection, but in reality the term is almost exclusively associated with a wireless-enabling device today.
AP
Access Point
Variations from normal operations.
Looks for things outside the ordinary
Anomalies
HIDS
A host-based intrusion detection system
One of the first lines of defense in a network
Firewalls
Is the component or process the operator uses to manage the IDS or IPS.
Manager
Detects and monitors the network for anomalies, and only detects and logs
NIDS
This system works by looking for deviations from a pattern of normal network traffic.
Anomaly-detection IDS (AD-IDS)
NIDS
A network-based intrusion detection system. An NIPS is an intrusion prevention system. Unlike an HIDS/HIPS, an NIDS/NIPS scans an entire network segment.
Configurations in a router or firewall that determine what is allowed in (in terms of traffic, data, applications, or whatever other term for criteria you want to use) and what is left out
Access control lists (ACLs)
Type of detection that looks for variations in behavior such as unusually high traffic, policy violations, and so on.
Behavior-Based Detection
Focuses not only on detecting anomalies on the network but also on protecting the network
NIPS
A collection of computer networks that agree on standards of operation, such as security standards
Federation
IPSec
Internet Protocol Security
An all-in-one appliance,
Unified threat management
_________-________ __________ is a system that acts based on the digital signature it sees and offers no repudiation to increase the integrity of a message.
Signature-Based Detection
You’ve been notified that you’ll soon be transferred to another site. Before you leave, you’re to audit the network and document everything in use and the reason why it’s in use. The next administrator will use this documentation to keep the network running. Which of the following protocols isn’t a tunneling protocol but is probably used at your site by tunneling protocols for network security?
A. IPSec
B. PPTP
C. L2TP
D. L2F
IPsec
______ _________ _________ __________ is an intrusion detection system that monitors the computer infrastructure on which it is installed, analyzing traffic and logging malicious behavior. An HIDS gives you deep visibility into what's happening on your critical security systems ...
Works to identify and log changes in the system.
Passive
HIDS
Host Intrusion Detection System
SIEM
Security information and event management
A private network connection that occurs through a public network
A virtual private network (VPN)
Which device stores information about destinations in a network (choose the best answer)?
A. Hub
B. Modem
C. Firewall
D. Router
D. Router
Which of the following can be implemented as a software or hardware solution and is usually associated with a device—a router, a firewall, NAT, and so on—used to shift a load from one device to another?
A load balancer
An authentication protocol developed at MIT that uses tickets for authentication.
Kerberos
SSL
Secure Sockets Layer
The _______________ is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS.
Administrator
Upper management has suddenly become concerned about security. As the senior network administrator, you are asked to suggest changes that should be implemented. Which of the following access methods should you recommend if the technique to be used is one that is primarily based on preestablished access and can’t be changed by users?
A. MAC
B. DAC
C. RBAC
D. Kerberos
A. MAC
Mandatory Access Control
Involves blocking websites (or sections of websites) based solely on the URL, restricting access to specified websites and certain web-based applications
URL filtering
Unlike an HIDS/HIPS, an ____ ______ ______ _______ scans an entire network segment.
Passive
NIDS Network Intrusion Detection System
NAC
network access control
Is a message from the analyzer indicating that an event of interest has occurred.
Alert
You’ve been assigned to mentor a junior administrator and bring her up to speed quickly. The topic you’re currently explaining is authentication. Which method uses a KDC to accomplish authentication for users, programs, or systems?
A. CHAP
B. Kerberos
C. Biometrics
D. Smartcards
Kerberos
Works by looking at the data that is coming in. Microsoft included content filtering in some versions of their browsers (Internet Explorer and Microsoft Edge), which could be configured using Content Advisor.
Content inspection
A tool that enumerates your network and provides a map of the network.
Network scanner
ACL
access control list
___________ __________, also called packet sniffers, are some of the most common tools used by network administrators.
Analyzer
Replaced SSL
TLS (Transport Layer Security)
Looks for variations in behavior such as unusually high traffic, policy violations, and so on
Behavior-Based Detection