Chapter 7. Intrusion Detection and Security Baselines

Terms you'll need to understand:

  • Intrusion

  • Misuse

  • Knowledge-based IDS

  • Behavior-based IDS

  • Network-based IDS

  • Host-based IDS

  • Honeypot

  • Deflection

  • Countermeasures

  • Baseline

  • Hardening

Techniques you'll need to master:

  • Understanding the use of host- and network-based IDS solutions and how they may be used together to secure a network

  • Understanding the purpose behind establishing security baselines

  • Recognizing common considerations in planning for operating system, network, and application hardening

To secure a network, it is important to establish its normal operating parameters and to be able to identify atypical variations from this baseline operational level. The first step toward minimizing the potential damage that may result from unauthorized access attempts is the detection and identification of an unauthorized intrusion.

Intrusion detection requires a detailed understanding of all operational aspects of the network, along with a means to identify variations and bring these changes to the attention of the proper responsible parties. In this chapter, we will examine several forms of intrusion-detection solutions and review the requirements for establishing reasonable baseline standards.



Security+ Exam Cram 2 (Exam SYO-101)
Security+ Certification Exam Cram 2 (Exam Cram SYO-101)
ISBN: 0789729105
EAN: 2147483647
Year: 2005
Pages: 162
