PrepAway - Latest Free Exam Questions & Answers

Which of the following signatures watches for the connection attempts to well-known, frequently attacked ports

Which of the following signatures watches for the connection attempts to well-known, frequently
attacked ports?

PrepAway - Latest Free Exam Questions & Answers

A.
Port signatures

B.
Digital signatures

C.
Header condition signatures

D.
String signatures

Explanation:
Port signatures watch for connection attempts to well-known, frequently attacked ports. These type
of signatures are used in Network-based ID systems, which involve looking at the packets on the
network as they pass by some sensor. The packets are identified to be of interest if they match a
signature.
Answer option D is incorrect. String signatures look for a text string that indicates a possible attack.
Answer option C is incorrect. Header signatures watch for dangerous or illogical combinations in
packet headers.
Answer option B is incorrect. Digital signature is an authentication tool that is used to ensure the
integrity and non-repudiation of a presentation. It is used to authenticate the presentation by using
a cryptographic mechanism. The document for a digital signature can be a presentation, a message,
or an email.
CISM Review Manual 2010, Contents. “Incident Management and Response”


Leave a Reply