Question

What is the problem with relying on IDS/IPS solutions? What type of information would need to...

What is the problem with relying on IDS/IPS solutions? What type of information would be needed to create a good network IDS (NIDS) signature? Provide one example of a good host-based IDS (HIDS) and a network-based IDS (NIDS) anomaly signature (e.g. installing software in the system32 folder in Windows). Please type out the answer, no handwritten notes.

Answer #1

IDS/IPS Problems

1) Due to the passive nature of an IDS, it only monitors systems, and a detailed report is generated.
2) An IPS prevents intrusions, but it will slow down the network.
3) IDS do not block network attacks due to the usage of Snort.
4) Some people, like admins and staff, are required to manage the IDP/IPS.

Type of information that IDP Signature contains: The IDP Signature contains different information about the attack objects, service and application objects. This signature is stored in a database with definitions of attack objects. These are used to detect attack patterns in the network.

Example of NIDS: Snort

Example of HIDS: Firewalls, software, spyware.
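Added example, not part of the original question or answer: a minimal sketch of the two anomaly checks the question asks about, a HIDS rule for executables created under System32 (the question's own example) and a NIDS rule for one source touching unusually many ports on one destination. The event field names, the allow-list of installer processes, the thresholds and all sample data are assumptions constructed for illustration.

```python
import ntpath
from collections import defaultdict

# Assumed allow-list: processes expected to write into System32.
TRUSTED_INSTALLERS = {"trustedinstaller.exe", "msiexec.exe", "tiworker.exe"}
EXEC_EXT = {".exe", ".dll", ".sys"}
SYS32 = r"c:\windows\system32" + "\\"

def hids_alerts(events):
    """Flag executable files created under System32 by an unexpected process."""
    alerts = []
    for ev in events:
        path = ev["path"].lower()
        ext = ntpath.splitext(path)[1]
        if (ev["action"] == "create" and path.startswith(SYS32)
                and ext in EXEC_EXT
                and ev["process"].lower() not in TRUSTED_INSTALLERS):
            alerts.append((ev["process"], ev["path"]))
    return alerts

def nids_alerts(flows, max_ports=20, window=60):
    """Flag a source that touches more than max_ports distinct ports on one
    destination within `window` seconds (deviation from normal client use)."""
    seen = defaultdict(list)              # (src, dst) -> [(ts, port), ...]
    alerted = set()
    for ts, src, dst, port in sorted(flows):
        key = (src, dst)
        # Keep only observations still inside the sliding window.
        seen[key] = [(t, p) for t, p in seen[key] if ts - t <= window]
        seen[key].append((ts, port))
        if len({p for _, p in seen[key]}) > max_ports:
            alerted.add(key)
    return sorted(alerted)

# Constructed sample data (not from the page).
HOST_EVENTS = [
    {"action": "create", "process": "msiexec.exe",
     "path": r"C:\Windows\System32\vendor.dll"},
    {"action": "create", "process": "winword.exe",
     "path": r"C:\Windows\System32\upd.exe"},
    {"action": "create", "process": "winword.exe",
     "path": r"C:\Users\a\Documents\report.docx"},
]
FLOWS = [(i, "10.0.0.5", "10.0.0.9", 1000 + i) for i in range(30)] + \
        [(i * 10, "10.0.0.7", "10.0.0.9", 443) for i in range(30)]

if __name__ == "__main__":
    print(hids_alerts(HOST_EVENTS))
    print(nids_alerts(FLOWS))
```

Both rules depend on a baseline (who normally writes to System32, how many ports a normal client touches), so the allow-list and thresholds need tuning per environment to keep false positives manageable.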
