Intrusion Detection

Rae2021

Topic 6.1: Capturing Network Traffic

There are two ways of capturing network traffic: in-line mode and promiscuous mode. In your own words, clearly distinguish the two.

Topic 6.2: Analyzing Network Traffic

After receiving network traffic, your IPS sensors must analyze that traffic. IPS sensors fall into the following categories: atomic operations, stateful operations, protocol decode operations, anomaly operations, and normalizing operations. In your own words, clearly distinguish any two of these.

Topic 7.1: Alerting Actions and Logging Actions

After they identify potentially malicious activity, your IPS sensors perform specific configured actions: alerting actions, logging actions, blocking actions, and dropping actions. In your own words, clearly distinguish alerting actions from logging actions.

Topic 7.2: Blocking Actions and Dropping Actions

After they identify potentially malicious activity, your IPS sensors perform specific configured actions: alerting actions, logging actions, blocking actions, and dropping actions. In your own words, clearly distinguish blocking actions from dropping actions.
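As an added example that is not part of the course material, the small Python sensor below ties Topics 6.1, 6.2, 7.1 and 7.2 together: an atomic check (one packet decides) beside a stateful check (a per-source SYN counter carried across packets), followed by the four response actions. The `inline` switch models the capture mode: an in-line sensor sits in the traffic path and can drop or block, while a promiscuous sensor only receives a copy of the traffic and can therefore only alert and log. The packet stream, the `/etc/passwd` signature string and the SYN threshold are constructed for the example.

```python
"""Toy IPS sensor: capture mode, atomic vs. stateful analysis, and the
alert / log / drop / block actions.

Added illustration, not from the course text. Packets, the signature
string and the SYN threshold are constructed for the example.
"""
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class Packet:
    src: str
    dst: str
    dport: int
    flags: str          # TCP flags as letters, e.g. "S" = SYN, "PA" = PSH+ACK
    payload: bytes = b""


@dataclass
class Sensor:
    inline: bool = True        # True: in the traffic path; False: promiscuous (sees a copy)
    syn_threshold: int = 3     # constructed: SYNs from one source before we call it a scan
    alerts: list = field(default_factory=list)   # alerting action: messages for an operator/SIEM
    log: list = field(default_factory=list)      # logging action: evidence records for later review
    blocked: set = field(default_factory=set)    # blocking action: sources denied from now on
    syn_counts: dict = field(default_factory=lambda: defaultdict(int))  # stateful memory

    def atomic_check(self, pkt):
        # Atomic operation: the verdict depends on this one packet only; no history is kept.
        if b"/etc/passwd" in pkt.payload:
            return "path-traversal-string"
        return None

    def stateful_check(self, pkt):
        # Stateful operation: the verdict depends on state carried across packets,
        # here a running count of SYNs per source address.
        if pkt.flags == "S":
            self.syn_counts[pkt.src] += 1
            if self.syn_counts[pkt.src] >= self.syn_threshold:
                return "syn-scan"
        return None

    def process(self, pkt):
        """Return what happened to the packet: passed, alerted, dropped or blocked."""
        if pkt.src in self.blocked:
            # A blocking action is in effect: later packets from that source are
            # denied before any analysis (only an in-line sensor can do this).
            self.log.append((pkt.src, "denied-by-block"))
            return "blocked"
        verdict = self.atomic_check(pkt) or self.stateful_check(pkt)
        if verdict is None:
            return "passed"
        # Logging action: record what was seen and from where.
        self.log.append((pkt.src, verdict))
        # Alerting action: notify now; a separate act from writing the log record.
        self.alerts.append(f"{verdict} from {pkt.src}")
        if not self.inline:
            # Promiscuous mode: the original packet has already gone through,
            # so alerting and logging are the only actions available.
            return "alerted"
        if verdict == "syn-scan":
            # Blocking action: affects every future packet from this source.
            self.blocked.add(pkt.src)
        # Dropping action: this single packet is discarded and not forwarded.
        return "dropped"


# Constructed packet stream (private 10/8 and documentation 192.0.2.0/24 addresses).
PACKETS = [
    Packet("10.0.0.5", "192.0.2.10", 80, "PA", b"GET /../../etc/passwd HTTP/1.0"),
    Packet("10.0.0.9", "192.0.2.10", 22, "S"),
    Packet("10.0.0.9", "192.0.2.10", 23, "S"),
    Packet("10.0.0.9", "192.0.2.10", 25, "S"),   # third SYN: threshold reached
    Packet("10.0.0.9", "192.0.2.10", 80, "S"),   # source is blocked by now (in-line only)
    Packet("10.0.0.5", "192.0.2.10", 80, "PA", b"GET /index.html HTTP/1.0"),
]


def run(inline=True):
    """Feed the constructed stream through a sensor; return (outcomes, sensor)."""
    sensor = Sensor(inline=inline)
    outcomes = [sensor.process(p) for p in PACKETS]
    return outcomes, sensor


if __name__ == "__main__":
    for mode in (True, False):
        outcomes, s = run(inline=mode)
        print("in-line" if mode else "promiscuous", outcomes)
        print("  alerts:", s.alerts)
        print("  blocked:", sorted(s.blocked))
```

Running it in both modes makes the distinctions concrete: the first packet is caught by the atomic check alone, the scan is only visible to the stateful check on the third SYN, a drop affects just that packet while a block denies the fifth packet before it is even analyzed, and in promiscuous mode the same detections produce alerts and log records but no drops or blocks.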

Topic 8.1: Weak Points in the Structure of the Internet

Attackers are constantly looking for new ways to exploit the Internet infrastructure. Describe some of the techniques that attackers use to exploit the Internet.

Topic 8.2: Attack Techniques against Websites and Web Users

To exploit weaknesses in the Internet, attackers target Web servers. Describe some of the well-known attacks on Web browsers and email applications.

Topic 9.1: Worst Case Scenarios

Worst case scenarios are descriptions of the worst consequences that can befall an organization if a threat occurs. In your own words, how would you quantify the impact of a loss or interruption to a business?

Topic 9.2: Security Reviews

An effective security policy describes immediate steps to take when an intrusion is detected. Describe some conditions that would prompt a security review.

Topic 10.1: Best Practices

What is meant by “Best Practices for Security Policy”? Are you aware of any of these on your work or home network?

Topic 10.2: Risk Analyses Factors

There are six risk analysis factors: assets, threats, probabilities, vulnerabilities, consequences, and security controls. Select one of these and describe how it relates to your work or home network.