Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Datový list stáhnout pdf (Strana 2)

642-531

Access Attacks

Access is a broad term used to describe any attack that requires the intruder to gain unauthorized access to a

secure system with the intent to manipulate data, elevate privileges, or simply access the system. The term

"access attack" is used to describe any attempt to gain system access, perform data manipulation, or elevate

privileges.

System Access AttacksSystem access is the act of gaining unauthorized access to a system for which the

attacker doesn't have a user account. Hackers usually gain access to a device by running a script or a hacking

tool, or exploiting a known vulnerability of an application or service running on the host.

Data Manipulation Access AttacksData manipulation occurs when an intruder simply reads, copies, writes,

deletes, or changes data that isn't intended to be accessible by the intruder. This could be as simple as finding

a share on a Windows 9xorNT computer , or as difficult as attempting to gain access to a credit bureau's

information, or breaking into the department of motor vehicles to change a driving record.

Reference:

CCSP Osborne page 810

Cisco Courseware 3-6

QUESTION 3

Which of the following represents a type of exploit that involves introducing programs that install in

inconspicuous back door to gain unauthorized access?

A. File sharing

B. Trojan horse

C. Protocol weakness

D. Session hijack

Answer: B

Explanation:

To gain remote access, they rely on keystroke capture software that's planted on a system, sometimes through a

worm or Trojan horse disguised as a game or screen saver.

Reference:Cisco Courseware 2-46

QUESTION 4

Which of the following is typical of signature-based intrusion detection?

A. Signature creation is automatically defined

B. Signature match patterns of malicious activity

C. Signatures are prone to a high number of false positive alarms.

D. Signatures focus on TCP connection sequences

Answer: B

Page 65 Cisco Press CCSP CSIDS 2nd edition under Misuse Detection

QUESTION 5

What does an attacker require to perform a Denial of Service attack?

1 2 3 4 5 6 7 ... 122 123

Žádné komentáře

Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Datový list Strana 2