Network Authentication Chapter 5

Card Set Information

Author:
jal128
ID:
299594
Filename:
Network Authentication Chapter 5
Updated:
2015-03-31 13:09:37
Tags:
Network Authentication
Folders:

Description:
Network Authentication Chapter 5
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user jal128 on FreezingBlue Flashcards. What would you like to do?


  1. Intrusion Detection System (IDS)
    An IDS monitors traffic offline and generates an alert (log) when it detects malicious traffic
  2. What types of malicious traffic does IDS detect?
    –Reconnaissance attacks

    –Access attacks

    –Denial of Service attacks
  3. Signature attributes (3)
    • Signature Type
    • Trigger (Alarm)
    • Action
  4. Signature Micro - Engines (5)
    • Atomic
    • Service
    • String
    • Multi-string
    • Other
  5. four types of signature triggers
    • –Pattern-based
    • detection

    • –Policy-based
    • detection

    • –Anomaly-based
    • detection

    • –Honey
    • pot-based detection
  6. Tuning Alarms
    • True Positive
    • True Negative
    • False Positive
    • False Negative
  7. Tuning IPS Signature Alarms (4)
    • Low
    • Medium
    • High
    • Informational
  8. Cisco device management software (3)
    • –Cisco
    • Router and Security Device Manager
    • (SDM)

    • –Cisco
    • IPS Manager Express (IME)

    • –Cisco
    • Security Manager (CSM)
  9. Actions performed when a signature is detected. (6)
    • Generate an alart
    • Log the activity
    • drop or prevent the activity
    • Reset a TCP connection
    • block future activity
    • allow the activity
  10. Two types of alerts
    • Atomic
    • Summary
  11. Atomic Alerts
    Generated every time a signature triggers.
  12. Summary Alerts
    A single alert that indicates multiple occurrences of the same signature from the same source address or port.
  13. To implement IOS IPS:
    • Step 1. Download the IOS IPS files.
    • Step 2. Create an IOS IPS configuration directory in flash.
    • Step 3. Configure an IOS IPS crypto key.
    • Step 4. Enable IOS IPS.
    • Step 5. Load the IOS IPS signature package to the router.

What would you like to do?

Home > Flashcards > Print Preview