  1. Pattern-matching IDS: Misuse detection or pattern matching of malicious activity, also known as signature-based IDS.

  2. Stateful pattern-matching: Adds to pattern-matching by searching for unique sequences that might be distributed across several packets within a stream.

  3. Managed device: Devices such as routers, switches, and PIX Firewalls that can be sent an access control list (ACL) or shun commands by sensors in the effort to block offending traffic from hosts or networks.

  4. False positive: A situation in which normal traffic or a benign action causes the signature to fire.

  5. False negative: A situation in which a signature is not fired when offending traffic is detected. An actual attack is not detected.

  6. Obfuscation: The use of Unicode, hex, or control characters to replace characters that can be used by hackers to evade detection by pattern-matching IDS signatures.

CSIDS Exam Cram 2 (Exam 642-531)
