Operating System Questions & Answers – Security – Intrusion Detection

This set of Operating System Multiple Choice Questions & Answers (MCQs) focuses on “Security – Intrusion Detection”.

1. What are the different ways to intrude?
a) Buffer overflows
b) Unexpected combinations and unhandled input
c) Race conditions
d) All of the mentioned

Answer: d
Explanation: None.

2. What are the major components of the intrusion detection system?
a) Analysis Engine
b) Event provider
c) Alert Database
d) All of the mentioned

Answer: d
Explanation: None.

3. What are the different ways to classify an IDS?
a) anomaly detection
b) signature based misuse
c) stack based
d) all of the mentioned

Answer: d
Explanation: None.

4. What are the different ways to classify an IDS?
a) Zone based
b) Host & Network based
c) Network & Zone based
d) Level based

Answer: b
Explanation: None.

5. What are the characteristics of anomaly based IDS?
a) It models the normal usage of network as a noise characterization
b) It doesn’t detect novel attacks
c) Anything distinct from the noise is not assumed to be intrusion activity
d) It detects based on signature

Answer: a
Explanation: None.

6. What is the major drawback of anomaly detection IDS?
a) These are very slow at detection
b) It generates many false alarms
c) It doesn’t detect novel attacks
d) None of the mentioned

Answer: b
Explanation: None.

7. What are the characteristics of signature based IDS?
a) Most are based on simple pattern matching algorithms
b) It is programmed to interpret a certain series of packets
c) It models the normal usage of network as a noise characterization
d) Anything distinct from the noise is assumed to be intrusion activity

Answer: a
Explanation: None.

8. What are the drawbacks of signature based IDS?
a) They are unable to detect novel attacks
b) They suffer from false alarms
c) They have to be programmed again for every new pattern to be detected
d) All of the mentioned

Answer: d
Explanation: None.

9. What are the characteristics of Host based IDS?
a) The host operating system logs in the audit information
b) Logs include logins, file opens and program executions
c) Logs are analysed to detect trails of intrusion
d) All of the mentioned

Answer: d
Explanation: None.

10. What are the drawbacks of the host based IDS?
a) Unselective logging of messages may increase the audit burdens
b) Selective logging runs the risk of missed attacks
c) They are very fast to detect
d) They have to be programmed for new patterns

Answer: a
Explanation: None.

11. What are the strengths of the host based IDS?
a) Attack verification
b) System specific activity
c) No additional hardware required
d) All of the mentioned

Answer: d
Explanation: None.

12. What are characteristics of stack based IDS?
a) They are integrated closely with the TCP/IP stack and watch packets
b) The host operating system logs in the audit information
c) It is programmed to interpret a certain series of packets
d) It models the normal usage of network as a noise characterization

Answer: a
Explanation: None.

13. What are characteristics of Network based IDS?
a) They look for attack signatures in network traffic
b) Filter decides which traffic will not be discarded or passed
c) It is programmed to interpret a certain series of packets
d) It models the normal usage of network as a noise characterization

Answer: a
Explanation: None.

14. What are strengths of Network based IDS?
a) Cost of ownership reduced
b) Malicious intent detection
c) Real time detection and response
d) All of the mentioned

Answer: d
Explanation: None.

Sanfoundry Global Education & Learning Series – Operating System.

Manish Bhojasia - Founder & CTO at Sanfoundry
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He lives in Bangalore, and focuses on development of Linux Kernel, SAN Technologies, Advanced C, Data Structures & Algorithms.