Quick Quiz: Intrusion-prevention systems

Test your knowledge of intrusion-prevention systems (IPS) with these five multiple-choice questions.

1.) In the tip "How to limit false positives in IPSes," author Jonathan Hassell recommends running an IPS in one of two modes to cut back on false positives. In which mode is an IPS likely to generate excessive false positives?
a. Mixed
b. Bridge
c. Blocking

2.) How does an IPS differ from an IDS?
a. An IPS detects network attacks, but doesn't issue alerts.
b. An IPS detects network attacks and issues alerts.
c. An IPS responds to network attacks by blocking traffic and resetting connections.
d. An IPS sits inline and monitors traffic.

3.) What primary advantage does an IPS offer over an IDS that makes it a crucial component of a security strategy?
a. The amount of logs generated
b. The speed at which attacks can be mitigated
c. The lower price tag
d. A reduced quantity of false positives

4.) Which of the following detection mechanisms might an IPS employ?
a. packet anomaly detection
b. generic pattern matching
c. TCP connection analysis
d. All of the above

5.) What term best describes the notion of analyzing the condition of systems and networks and doing what is appropriate to deal with whatever is wrong with them?
a. proportionality of response
b. passive defense
c. active defense
d. None of the above

This was last published in July 2005
