1. What common security system is an IDPS most like? In what ways are these systems similar?
2. How does a false positive alarm differ from a false negative one? From a security perspective, which is least desirable?
3. How does a network-based IDPS differ from a host-based IDPS?
4. How does a signature-based IDPS differ from a behavior-based IDPS?
5. What is a monitoring (or SPAN) port? What is it used for?
6. List and describe the three control strategies proposed for IDPS control.
7. What is a honeypot? How is it different from a honeynet?
8. How does a padded cell system differ from a honeypot?
9. What is network footprinting? What is network fingerprinting? How are they related?
10. Why do many organizations ban port scanning activities on their internal networks? Why would ISPs ban outbound port scanning by their customers?
11. What is an open port? Why is it important to limit the number of open ports to only those that are absolutely essential?
12. What is a vulnerability scanner? How is it used to improve security?
13. What is the difference between active and passive vulnerability scanners?
14. What kind of data and information can be found using a packet sniffer?
15. What capabilities should a wireless security toolkit include?
16. What is biometric authentication? What does the term biometric mean?
17. Are any biometric recognition characteristics considered more reliable than others? Which are the most reliable?
18. What is a false reject rate? What is a false accept rate? What is their relationship to the crossover error rate?
19. What is the most widely accepted biometric authorization technology? Why do you think this technology is acceptable to users?
20. What is the most effective biometric authorization technology? Why do you think this technology is deemed to be most effective by security professionals?