[Cisspstudy] Another question on IDS
Saurabh Bhargava
catchbhargava at yahoo.com
Fri Jan 8 08:36:54 EST 2010
The IDS modifies a gateway rule to divert "suspected" traffic to a honeypot. What type of intrusion control does this represent?
A. Corrective control
B. Recovery control
C. Detective control
D. Preventive control
I think it is D but author says A.
My choice of D was for the reason traffic is still "suspected" it may or may not be an attack. I would have surely gone for option A, had the question was "an attack was discovered and IDS modified the gateway rule"
Definitions from AIO say:
• Preventive Intended to avoid an incident from occurring
• Corrective Fixes components or systems after an incident has occurred
Have I lost the plot on IDS?
Any help will be highly appreciated.
cheers, SB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100108/95fed0bd/attachment.html>
More information about the cisspstudy
mailing list