The most common problem in the operation of an intrusion
detection system (IDS) is:

A. the detection of false positives.

B. receiving trap messages.

C. reject error rates.

D. denial-of-service attacks.

Answer Posted / guest

Answer: A

Because of the configuration and the way IDS technology
operates, the main problem in operating IDSs is the
recognition (detection) of events that are not really
security incidents - false positives (equivalent of a false
alarm). The IS auditor needs to be aware of this, and should
check for implementation of related controls, such as IDS
tuning, incident handling procedures (like the screening
process to know if an event is a security incident or a
false positive). Trap messages are generated by the simple
network management protocol (SNMP) agents when an important
event happens, but are not particularly related to security
or IDSs. Reject error rate is related to biometric
technology and is not related to IDSs. Denial of service is
a type of attack and is not a problem in the operation of IDSs.
