
CISSP-ISSMP Question #81: Real Exam Question with Answer & Explanation

The correct answer is B: OPSEC. OPSEC (Operations Security) is a process that identifies critical information to determine if friendly actions can be observed by adversary intelligence systems, and if information obtained by adversaries could be interpreted to be useful to them. After obtaining the information,

Security Operations Management

Question

Which of the following is a process that identifies critical information to determine if friendly actions can be observed by adversary intelligence systems?

Options

  • A. IDS
  • B. OPSEC
  • C. HIDS
  • D. NIDS

Explanation

OPSEC (Operations Security) is a process that identifies critical information to determine if friendly actions can be observed by adversary intelligence systems, and if information obtained by adversaries could be interpreted to be useful to them. After obtaining the information, the process executes selected measures that eliminate or reduce adversary exploitation of friendly critical information.

Answer option C is incorrect. A host-based intrusion detection system (HIDS) is an intrusion detection system that monitors and analyses the internals of a computing system rather than the network packets on its external interfaces. A HIDS monitors all or parts of the dynamic behavior and the state of a computer system. It looks at the state of a system and its stored information, whether in RAM, in the file system, in log files or elsewhere, and checks that the contents of these appear as expected.

Answer option A is incorrect. An intrusion detection system (IDS) is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet. It can detect several types of attacks and malicious behaviors that can compromise the security of a network and computers. This includes network attacks against vulnerable services, unauthorized logins and access to sensitive data, and malware (e.g. viruses, worms, etc.). An IDS also detects attacks that originate from within a system. In most cases, an IDS has three main components: Sensors, Console, and Engine. Sensors generate security events. A console is used to alert and control sensors and to monitor events. An engine is used to record events and to generate security alerts based on received security events. In many IDS implementations, these three components are combined into a single device. Basically, the following two types of IDS are used: Network-based IDS

Answer option D is incorrect. A network intrusion detection system (NIDS) is an intrusion detection system that tries to detect malicious activity such as denial of service attacks, port scans or even attempts to crack into computers by monitoring network traffic. A NIDS reads all the incoming packets and tries to find suspicious patterns known as signatures or rules. It also tries to detect incoming shell codes in the same manner that an ordinary intrusion detection

Topics

#Operations Security  #Information Protection  #Adversary Intelligence  #Critical Information
