4.11. Review Questions

  1. Which of the following can be used to monitor a network for unauthorized activity? (Choose two.)

    1. Network sniffer

    2. NIDS

    3. HIDS

    4. VPN

  2. You're the administrator for Acme Widgets. After attending a conference on buzzwords for management, your boss informs you that an IDS should be up and running on the network by the end of the week. Which of the following systems should be installed on a host to provide IDS capabilities?

    1. Network sniffer

    2. NIDS

    3. HIDS

    4. VPN

  3. Which of the following is an active response in an IDS?

    1. Sending an alert to a console

    2. Shunning

    3. Reconfiguring a router to block an IP address

    4. Making an entry in the security audit file

  4. A junior administrator bursts into your office with a report in his hand. He claims that he has found documentation proving that an intruder has been entering the network on a regular basis. Which of the following implementations of IDS detects intrusions based on previously established rules that are in place on your network?

    1. MD-IDS

    2. AD-IDS

    3. HIDS

    4. NIDS

  5. Which IDS function evaluates data collected from sensors?

    1. Operator

    2. Manager

    3. Alert

    4. Analyzer

  6. During the creation of a new set of policies and procedures for network usage, your attention turns to role definition. By default, which of the following roles is responsible for reporting the results of an attack to a system operator or administrator?

    1. Alert

    2. Manager

    3. Analyzer

    4. Data source

  7. What is a system that is intended or designed to be broken into by an attacker called?

    1. Honeypot

    2. Honeybucket

    3. Decoy

    4. Spoofing system

  8. An emergency meeting of all administrators has been called at MTS. It appears that an unauthorized user has been routinely entering the network after hours. A response to this intrusion must be formulated by those assembled. What is the process of formulating a reaction to a computer attack officially called?

    1. Incident response

    2. Evidence gathering

    3. Entrapment

    4. Enticement

  9. Which of the following is not a part of an incident response?

    1. Identification

    2. Investigating

    3. Entrapment

    4. Repairing

  10. Which protocol is mainly used to enable access to the Internet from a mobile phone or PDA?

    1. WEP

    2. WTLS

    3. WAP

    4. WOP

  11. Which protocol operates on 2.4GHz and has a bandwidth of 1Mbps or 2Mbps?

    1. 802.11

    2. 802.11a

    3. 802.11b

    4. 802.11g

  12. You're outlining your plans for implementing a wireless network to upper management. Suddenly, a paranoid vice president brings up the question of security. Which protocol was designed to provide security to a wireless network and can be considered equivalent to the security of a wired network?

    1. WAP

    2. WTLS

    3. WPA2

    4. IR

  13. Which of the following is a primary vulnerability of a wireless environment?

    1. Decryption software

    2. IP spoofing

    3. A gap in the WAP

    4. Site survey

  14. As the administrator for MTS, you want to create a policy banning the use of instant messaging, but you're receiving considerable opposition from users. To lessen their resistance, you decide to educate them about the dangers inherent in IM. To which of the following types of attacks is IM vulnerable?

    1. Malicious code

    2. IP spoofing

    3. Man-in-the-middle attacks

    4. Replay attacks

  15. What is the process of identifying the configuration of your network called?

    1. Footprinting

    2. Scanning

    3. Jamming

    4. Enumeration

  16. During the annual performance review, you explain to your manager that this year you want to focus on looking at multiple sources of information and determining what systems your users may be using. You think this is a necessary procedure for creating a secure environment. What is the process of identifying your network and its security posture called?

    1. Footprinting

    2. Scanning

    3. Jamming

    4. Enumeration

  17. When an event is detected as it is happening, it is being detected in:

    1. Present time

    2. Here-and-now

    3. Active time

    4. Real time

  18. A user calls with a problem. Even though she has been told not to use instant messaging, she has been doing so. For some reason, she is now experiencing frequent interrupted sessions. You suspect an attack and inform her of this. What is the process of disrupting an IM session called?

    1. Jamming

    2. Broadcasting

    3. Incident response

    4. Site survey

  19. You've just received a call from an IM user in your office who visited an advertised website. The user is complaining that his system is unresponsive and about a million web browser windows have opened on his screen. What type of attack has your user experienced?

    1. DoS

    2. Malicious code

    3. IP spoofing

    4. Site survey

  20. A fellow administrator is reviewing the log files for the month when he calls you over. A number of IDS entries don't look right to him, and he wants to focus on those incidents. Which of the following terms best describes an occurrence of suspicious activity within a network?

    1. Event

    2. Occurrence

    3. Episode

    4. Enumeration
