ISC2 CSSLP Exam - Topic 11 Question 107 Discussion

An Intrusion detection system (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or

disabling of computer systems, mainly through a network, such as the Internet. These attempts may take the form of attacks, as examples, by

crackers, malware and/or disgruntled employees. An IDS cannot directly detect attacks within properly encrypted traffic. An intrusion detection

system is used to detect several types of malicious behaviors that can compromise the security and trust of a computer system. This includes

network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation,

unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms).

Answer D is incorrect. Access Control List (ACL) is the most commonly used object in Cisco IOS. It filters packets or network traffic by

controlling whether routed packets are forwarded or blocked at the router's interfaces. According to the criteria specified within the access

lists, router determines whether the packets to be forwarded or dropped. Access control list criteria could be the source or destination

address of the traffic or other information. The types of Cisco ACLs are Standard IP, Extended IP, IPX, Appletalk, etc.

Answer B is incorrect. Internet Protocol Security (IPSec) is a method of securing data. It secures traffic by using encryption and digital

signing. It enhances the security of data as if an IPSec packet is captured, its contents cannot be read. IPSec also provides sender verification

that ensures the certainty of the datagram's origin to the receiver.

Answer A is incorrect. Direct-attached storage (DAS) is a digital storage system that is directly attached to a server or workstation,

without using a storage network.