You are configuring your new Intrusion Detection System, and studying the true-false matrix. You read about the different types of alarms and events. Which of the following defines an event where an alarm is indicating an intrusion when there is an actual intrusion?
You have used a diagnostic utility to run a trace between two nodes on your network. During the trace, you are running a packet capture utility and notice the TTL is reaching zero on the trace. What will the router that identified the TTL as zero return to the host that originated the trace command?
After installing Snort on your Windows machine that is destined to be your IDS, you need to edit the configuration file to customize it to your needs. What is the name of that configuration file?
You have been given the task of building the new wireless networks for your office. What wireless standard allows for up to 54 Mbps transmission rates, but is not compatible with 802.11b?
You were recently hired as the security administrator of a small business. You are reviewing the current state of security in the network and find that the current logging system must be immediately modified. As the system is currently configured, auditing has no practical value. Which of the following are the reasons that the current auditing has little value?
To verify that your PPTP implementation is working as you intended, you sniff the network after the implementation has been completed. You are looking for specific values in the captures that will indicate to you the type of packets received. You analyze the packets, including headers and payload. PPTP works at which layer of the OSI model?
During a training presentation that you are delivering, you are asked how wireless networks function compared to the OSI Model. What two layers of the OSI Model are addressed by the 802.11 standards?
You are configuring your new Cisco router. During your configuration, you wish to eliminate any security risks you can, based on your organizational security policy. The policy states that the Cisco Discovery Protocol is not to be used on any interface on any of the routers. What is the command to turn off CDP for the entire router?
You are configuring a new custom IPSec policy on your Windows Server 2003 machine. On the rules tab, you find the three default options under the IP Filter List. What are these three default options?