IT Examiner School, Seaside, CA
Intrusion Detection/Prevention Systems (IDS/IPS)
• Functions include:
  – Monitoring/analyzing users and system activity
  – Analyzing system configurations/vulnerabilities
  – Assessing system and file integrity
  – Ability to recognize patterns of attack
  – Analysis of abnormal activity patterns
  – Tracking user policy violations
IDS/IPS (Cont.)
• Host-based - Resides on “host” computers and only detects activity on that host
• Network-based - Monitors network traffic on segments of the LAN
• Must be maintained, monitored, and updated to be effective
• IT Survey has this information