Appendix . Answers to the “Do I Know This Already?” Quizzes and Q&A Questions

Chapter 1

“Do I Know This Already?” Quiz

1.

B

2.

C

3.

D

4.

B

5.

A

6.

C

7.

A

8.

C

9.

B

10.

A

Q&A

1.

What is a false positive?

Answer: A false positive happens when a signature triggers incorrectly during normal user traffic instead of attack traffic.

2.

What is a true positive?

Answer: A true positive happens when a signature correctly identifies an attack launched against the network.

3.

If your sensor has only two monitoring interfaces, can you operate in promiscuous and inline modes simultaneously?

Answer: No, because running inline requires a pair of sensor interfaces. If you have only two interfaces, you can run either a single interface pair (in inline mode) or two interfaces (in promiscuous ...

Get CCSP Self-Study: CCSP IPS Exam Certification Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial