Intrusion Detection Chapter 5 / Actual Questions & Verified Answers
A(n) ____ is the set of rules and configuration guidelines governing the implementation and operation of IDPSs within the organization. - Answer: site policy
A(n) ____ is any system resource that is placed onto a functional system but has no normal use for that system. If it attracts attention, it is from unauthorized access and will trigger a notification or response. - Answer: honeytoken
New systems can respond to an incident threat autonomously, based on preconfigured options that go beyond simple defensive actions usually associated with IDPS and IPS systems. These systems, referred to as ____, use a combination of resources to detect an intrusion and then to trace the intrusion back to its source. - Answer: trap and trace
A(n) ____ is a sign that an adverse event is underway and has a probability of becoming an incident. - Answer: indication
Most organizations will find themselves awash in incident candidates at one time or another, and the vast majority will be ____. - Answer: false positives
The task of monitoring file systems for unauthorized change is best performed by using a(n) ____. - Answer: HIDPS
The process of evaluating the circumstances around organizational events includes determining which adverse events are possible incidents, or ____. - Answer: incident candidates