nerdexam
(ISC)2

CISSP-ISSMP · Question #131

Which of the following signatures watches for the connection attempts to well-known, frequently attacked ports?

The correct answer is A. Port signatures. Port Signatures are IDS (Intrusion Detection System) signatures specifically designed to detect connection attempts targeting well-known, commonly attacked TCP/UDP ports - for example, port 23 (Telnet), port 21 (FTP), or port 1433 (MS SQL). These signatures flag suspicious probin

Security Operations Management

Question

Which of the following signatures watches for the connection attempts to well-known, frequently attacked ports?

Options

  • APort signatures
  • BDigital signatures
  • CHeader condition signatures
  • DString signatures

How the community answered

(39 responses)
  • A
    92% (36)
  • B
    5% (2)
  • C
    3% (1)

Explanation

Port Signatures are IDS (Intrusion Detection System) signatures specifically designed to detect connection attempts targeting well-known, commonly attacked TCP/UDP ports - for example, port 23 (Telnet), port 21 (FTP), or port 1433 (MS SQL). These signatures flag suspicious probing activity. Digital signatures (B) are a cryptographic authentication mechanism, not an IDS pattern type. Header condition signatures (C) inspect packet header fields (flags, options, fragmentation) for anomalies. String signatures (D) search packet payloads for specific character sequences or patterns associated with known attacks.

Topics

#IDS/IPS#Signature-based detection#Network security monitoring#Threat detection

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSMP Practice