Terms you'll need to understand:
Techniques you'll need to master:
To secure a network, it is important to establish its normal operating parameters and to be able to identify atypical variations from this baseline operational level. The first step toward minimizing the potential damage that may result from unauthorized access attempts is the detection and identification of an unauthorized intrusion. Intrusion detection requires a detailed understanding of all operational aspects of the network, along with a means to identify variations and bring these changes to the attention of the proper responsible parties. In this chapter, we will examine several forms of intrusion-detection solutions and review the requirements for establishing reasonable baseline standards.