Last Updated on December 11, 2018 by
Which tools can identify malicious traffic by comparing packet contents with known attack characteristics?A signature-based intrusion detection system (SIDS) monitors all the packets traversing the network and compares them against a database of attack signatures or attributes of known malicious threats, much like antivirus software.
Which tool can perform real time traffic and port analysis and can also detect port scan?Snort is an open source intrusion protection system (IPS) that is capable of performing real-time traffic and port analysis, packet logging, content searching and matching, as well as detecting probes, attacks, port scans, fingerprinting, and buffer overflow attacks.
What are the two tools used for incident detection?intrusion detection system. intrusion detection system.. Honeypot.. NetFlow.. a reverse proxy server.. Which protocol is used by the Cisco Cyber Threat Defense Solution to collect information about the traffic that is traversing the network?Netflow is used by the cisco cyberthreat defense solution to collect information about the traffic that is traversing the network.
|