| Network Security 1.0 | |
| Final Exam Answers | |
| This Chapters 11 - 12 | |
| Chapters 11 - 12 Exam Answers | Online Test |
| Next Chapters 13 - 14 | |
| Chapters 13 - 14 Exam Answers | Online Test |
| Network Security Packet Tracer Activity Files Answers | |
| 11.4.6 Packet Tracer – Implement a Local SPAN Answers | |
| Network Security Student Lab Source Files Answers | |
| NA | |
What information must an IPS track in order to detect attacks matching a composite signature?
- the total number of packets in the attack
- the state of packets related to the attack
- the attacking period used by the attacker
- the network bandwidth consumed by all packets
Answers Explanation & Hints: A composite signature is called a stateful signature. It identifies a sequence of operations distributed across multiple hosts over an arbitrary period of time. Because this type of attack involves multiple packets, an IPS sensor must maintain the state information. However, an IPS sensor cannot maintain the state information indefinitely. A composite signature is configured with a time period to maintain the state for the specific attack when it is first detected. Thus, an IPS may not be able to maintain all the information related to an attack such as total number of packets, total length of attack time, and the amount of bandwidth consumed by the attack.
| Network Security 1.0 | |
| Final Exam Answers | |
| This Chapters 11 - 12 | |
| Chapters 11 - 12 Exam Answers | Online Test |
| Next Chapters 13 - 14 | |
| Chapters 13 - 14 Exam Answers | Online Test |
| Network Security Packet Tracer Activity Files Answers | |
| 11.4.6 Packet Tracer – Implement a Local SPAN Answers | |
| Network Security Student Lab Source Files Answers | |
| NA | |