Signature matching can be accomplished by the comparison of captured network traffic using a special implementation of the TCP/IP stack that reassembles the packets and applies protocol stack verification. Briefly describe how protocol stack verification works.
What will be an ideal response?
In the process of protocol stack verification, the NIDPS looks for invalid data packets-that is, packets that are malformed under the rules of the TCP/IP protocol. A data packet is defined as invalid when its configuration does not match what is defined as valid by the various Internet protocols, such as TCP, UDP, and IP. The elements of the protocols in use (IP, TCP, UDP, and application layers such as HTTP) are combined in a complete set called the protocol stack when the software is implemented in an operating system or application. Many types of intrusions, especially denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks, rely on the creation of improperly formed packets to take advantage of weaknesses in the protocol stack in certain operating systems or applications.
You might also like to view...
____ inspections ensure that materials and methods described in the plans and specifications are being used.
A. Code B. Lender C. Owner D. Material
One end of the pulling rope is attached to a cable grip; the other end is _____.
a. wrapped around the capstan b. inserted into the basket c. attached to a clevis d. secured to the cable on the reel
What aspect of a critical lift plan always distinguishes it from a standard lift plan?
a. The load radius b. The maximum weight of the load c. The fact that it is always a written document d. The type of process for developing the plan
A 90-degree angle joins the _____ of a piping offset.
a. set and run b. run and travel c. travel and set d. run and center