Page 1557 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

                    vulnerabilities and previously unknown vulnerabilities. Similarly,
                    denial-of-service (DoS) and distributed DoS (DDoS) attacks could
                    use zero-day exploits or use known methods.

                6.  A. Of the choices offered, drive-by downloads are the most
                    common distribution method for malware. USB flash drives can be
                    used to distribute malware, but this method isn’t as common as
                    drive-by downloads. Ransomware is a type of malware infection,
                    not a method of distributing malware. If users can install
                    unapproved software, they may inadvertently install malware, but
                    not all unapproved software is malware.

                7.  A. An IDS automates the inspection of audit logs and real-time
                    system events to detect abnormal activity indicating unauthorized
                    system access. Although IDSs can detect system failures and
                    monitor system performance, they don’t include the ability to
                    diagnose system failures or rate system performance. Vulnerability
                    scanners are used to test systems for vulnerabilities.

                8.  B. An HIDS monitors a single system looking for abnormal activity.
                    A network-based IDS (NIDS) watches for abnormal activity on a
                    network. An HIDS is normally visible as a running process on a
                    system and provides alerts to authorized users. An HIDS can detect
                    malicious code similar to how anti-malware software can detect
                    malicious code.

                9.  B. Honeypots are individual computers, and honeynets are entire
                    networks created to serve as a trap for intruders. They look like
                    legitimate networks and tempt intruders with unpatched and
                    unprotected security vulnerabilities as well as attractive and
                    tantalizing but false data. An intrusion detection system (IDS) will
                    detect attacks. In some cases, an IDS can divert an attacker to a
                    padded cell, which is a simulated environment with fake data
                    intended to keep the attacker’s interest. A pseudo flaw (used by
                    many honeypots and honeynets) is a false vulnerability
                    intentionally implanted in a system to tempt attackers.

              10.  C. A multipronged approach provides the best solution. This
                    involves having anti-malware software at several locations, such as
                    at the boundary between the internet and the internal network, at