Exam CSSLP topic 2 question 77 discussion

Actual exam question from ISC's CSSLP
Question #: 77
Topic #: 2

Which of the following is an example of penetration testing?

  • A. Implementing NIDS on a network
  • B. Implementing HIDS on a computer
  • C. Simulating an actual attack on a network
  • D. Configuring firewall to block unauthorized traffic

Suggested Answer: Penetration testing is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source, known as a Black Hat Hacker, or Cracker. The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner together with an assessment of their impact and often with a proposal for mitigation or a technical solution. The intent of a penetration test is to determine the feasibility of an attack and the amount of business impact of a successful exploit, if discovered. It is a component of a full security audit.

Answer: A, B, and D are incorrect. Implementing NIDS and HIDS and configuring a firewall to block unauthorized traffic are not examples of penetration testing.

Comments

74gjd_37
5 months, 2 weeks ago
Selected Answer: C
C. Simulating an actual attack on a network

Penetration testing, also known as pen-testing or ethical hacking, is the practice of simulating an actual cyber-attack against computing systems or networks to detect vulnerabilities and identify potential avenues attackers might use during a real breach. This process involves active analysis of security vulnerabilities by mimicking the actions of real-life attackers who are trying to find ways to circumvent security measures and gain unauthorized access.

Options A and B relate to implementing intrusion detection technologies for threat monitoring at either network (NIDS) or host (HIDS) levels rather than attacking or probing systems themselves directly. Option D relates to configuring firewalls with specific rules that control traffic entry into networks but does not refer specifically to penetration testing techniques on their own.
upvoted 1 times
74gjd_37
5 months, 2 weeks ago
NIDS stands for Network Intrusion Detection System, and HIDS stands for Host-based Intrusion Detection System. A network intrusion detection system (NIDS) is a security technology that analyzes network traffic to detect malicious activity or policy violations on networks. It monitors and inspects incoming and outgoing traffic across the entire network, looking for signs of unauthorized access, malware infections, data leakage attempts or other suspicious behavior from potential attackers. In contrast, host-based intrusion detection systems (HIDS) operate by monitoring activities occurring within individual computing devices themselves at an operating system level rather than analyzing external traffic flowing into those devices over a network like NIDS does. This approach enables HIDS to track more granular details such as user login attempts or file changes made within specific contexts (like signatures of known viruses), making them useful in detecting threats originating internally within organizational infrastructures.
upvoted 1 times