True / False
1. The category of intrusion detection systems that looks for patterns that don’t match
those of normal use is called anomaly detection.
2. Snort is an open-source firewall.
3. A server with fake data used to attract an attacker is a honeypot.
4. When an administrator proactively seeks out intelligence on potential threats or groups,
this is called infiltration.
5. The method to attract an intruder to a subsystem setup for the purpose of observing
him is called intrusion deterrence.
6. An on-demand virus scanner runs in the background and is constantly checking your
7. Heuristic scanning uses rules to determine whether a file or program behaves like a
8. Linux and Windows typically are not shipped with firewalls.
9. A screening firewall works in the application layer of the OSI model.
10. A stateful packet inspection firewall examines each packet, and denies or permits
access based not only on the current packet, but also on data derived from previous
packets in the conversation.