1. How can data gained from intrusion detection improve network security? that apply.) It can help prevent future attacks. b. It can route traffic more efficiently. c. It can shield IP addresses on the network. d. It can help determine how to respond to security incidents. 2. Which of the following IDPS results is the cause of greatest concern? true positives b. true negatives c. false positives d. false negatives 3. An IDPS management server performs which of the following functions? a. monitoring inbound and outbound traffic b. modifying state information c. storing and analyzing sensor data d. providing an IDPS interface 4. Which of the following is an IDPS detection capability you can customize? (Choose all that apply.) a. blacklists b. signatures state tables d. thresholds c. 5. Misuse-based detection is based on which feature of network traffic? a. user profiles b. normal traffic c. signatures d. user accounts a. 6. An anomaly-based IDPS can be circumvented in which of the following ways? new attacks b. changes in user habits c. changes in published signatures d. minor changes in attack methods that do not match known signatures 7. A signature-detection IDPS can be circumvented in which of the following ways? a. changes in attack methods b. a stolen user account c. making traffic appear normal d. attacks made during the IDPS training period