Q: What is the primary function of an Intrusion Detection System (IDS)?
A: To monitor, detect, and alert on malicious activities in a network.

Q: What are the two main types of IDS?
A: Passive IDS and Active IDS (IPS).

Q: Name three detection methods used by IDS.
A: Signature Recognition, Anomaly Detection, and Protocol Anomaly Detection.

Q: What is the difference between Host-based IPS (HIPS) and Network-based IPS (NIPS)?
A: HIPS monitors and protects individual hosts, while NIPS monitors and protects network traffic.

Q: What are firewalls primarily used for?
A: To control incoming and outgoing network traffic based on predetermined security rules.

Q: What is a Bastion Host in firewall architecture?
A: A specialized gateway that mediates traffic between an internal network and an external network.

Q: What is the purpose of a VPN in firewall technologies?
A: To secure communication over public networks by creating encrypted tunnels.

Q: What is a honeypot and its primary function?
A: A deceptive system designed to lure attackers and study their behavior.

Q: Differentiate between low-interaction and high-interaction honeypots.
A: Low-interaction honeypots simulate limited services, while high-interaction honeypots simulate real systems for deeper interaction.

Q: Name three evasion techniques for IDS.
A: Fragmentation, encrypted packets, and using false positives.

Q: What are common methods for evading firewalls?
A: Port scanning, tunneling, and spoofing techniques.

Q: How can attackers detect honeypots?
A: By identifying unusual system behavior or network responses indicative of honeypots.

https://quizlet.com/au/928576787/module-12-evading-ids-firewall-and-honeypots-flash-cards/?i=2hfw1u&x=1jqt