Exam Essentials

Be able to identify and describe the two types of Intrusion Detection Systems in use. The two types of Intrusion Detection Systems in use are host-based (H-IDS) and network-based (N-IDS). A host-based IDS runs on the system it protects and examines only that system's own data (logs, file integrity, running processes). A network-based IDS monitors the traffic on the network segment its sensor is attached to, which lets it watch many hosts at once but leaves it blind to activity inside encrypted sessions and to anything that happens only on the host.

Be able to identify and explain the terms and functions in an IDS environment. These terms include activity, administrator, alert, analyzer, data source, event, manager, notification, operator, and sensor. In outline: a sensor collects activity from a data source, the analyzer examines that activity and identifies events worth reporting as alerts, and the manager handles those alerts and issues notifications to the operator, the person who watches the IDS. For simplicity's sake, several of these functions are combined in a single component in many IDS products, but all of them must be performed for the IDS to be effective.

Know the difference between an active response and a passive response. An active response allows the IDS to act on network resources when an incident occurs, for example by resetting the offending connection or reconfiguring a firewall or router to block the source address. A passive response is limited to logging, alerting, and reporting attacks or suspicious activities so that a person can decide what to do. Active responses should be used with care: an attacker who spoofs the source address of an attack can trick the IDS into blocking legitimate hosts.
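The following is an added example, not code from the study guide, that ties the preceding three points together in Python: a sensor parses a constructed data source of syslog-style lines into events, an analyzer applies two detection rules (repeated SSH password failures from one address, and a path traversal attempt in a web request), and a manager records notifications (the passive response) and, when configured for active response, adds the source address to a simulated block list. The log lines, host names, addresses, threshold and block list are all constructed for illustration; no real firewall is touched.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed data source: syslog-style lines from an SSH daemon and a web server.
# Hosts, addresses and contents are made up for illustration.
DATA_SOURCE = [
    "Jan 10 10:00:01 host1 sshd[201]: Failed password for root from 203.0.113.7 port 4411 ssh2",
    "Jan 10 10:00:02 host1 sshd[201]: Failed password for root from 203.0.113.7 port 4412 ssh2",
    "Jan 10 10:00:03 host1 sshd[201]: Failed password for admin from 203.0.113.7 port 4413 ssh2",
    "Jan 10 10:00:04 host1 sshd[201]: Failed password for admin from 203.0.113.7 port 4414 ssh2",
    "Jan 10 10:00:05 host1 sshd[201]: Failed password for admin from 203.0.113.7 port 4415 ssh2",
    "Jan 10 10:00:09 host1 sshd[201]: Accepted password for alice from 198.51.100.5 port 5000 ssh2",
    "Jan 10 10:01:00 host1 httpd[330]: 198.51.100.9 GET /cgi-bin/../../../../etc/passwd 404",
]


@dataclass
class Event:
    """Something the sensor recognised in the data source."""
    host: str
    kind: str
    src: str
    detail: str


@dataclass
class Alert:
    """What the analyzer hands to the manager."""
    severity: str
    message: str
    src: str


SSH_FAIL = re.compile(r"^\S+ \d+ \S+ (\S+) sshd\[\d+\]: Failed password for (\S+) from (\S+)")
HTTP_REQ = re.compile(r"^\S+ \d+ \S+ (\S+) httpd\[\d+\]: (\S+) (\S+) (\S+) (\d{3})")


def sensor(lines):
    """Sensor: turns raw data-source lines into events; lines it cannot parse are ignored."""
    for line in lines:
        m = SSH_FAIL.search(line)
        if m:
            yield Event(host=m.group(1), kind="ssh_fail", src=m.group(3), detail=m.group(2))
            continue
        m = HTTP_REQ.search(line)
        if m:
            yield Event(host=m.group(1), kind="http_req", src=m.group(2), detail=m.group(4))


def analyzer(events, fail_threshold=5):
    """Analyzer: applies detection rules to the event stream and produces alerts."""
    failures = defaultdict(int)
    alerts = []
    for ev in events:
        if ev.kind == "ssh_fail":
            failures[ev.src] += 1
            if failures[ev.src] == fail_threshold:   # alert once, when the threshold is reached
                alerts.append(Alert("high", f"{fail_threshold} SSH login failures on {ev.host}", ev.src))
        elif ev.kind == "http_req" and "../" in ev.detail:
            alerts.append(Alert("medium", f"path traversal attempt on {ev.host}: {ev.detail}", ev.src))
    return alerts


@dataclass
class Manager:
    """Manager: receives alerts, notifies the operator, and chooses the response."""
    active: bool
    blocked: set = field(default_factory=set)      # hypothetical stand-in for a firewall rule set
    notifications: list = field(default_factory=list)

    def handle(self, alert):
        # Passive response: record a notification for the operator.
        self.notifications.append(f"[{alert.severity}] {alert.message} (src {alert.src})")
        # Active response: block the source address for high-severity alerts only.
        if self.active and alert.severity == "high":
            self.blocked.add(alert.src)


def run_ids(lines, active):
    """Run the sensor -> analyzer -> manager pipeline and return the manager for inspection."""
    mgr = Manager(active=active)
    for alert in analyzer(sensor(lines)):
        mgr.handle(alert)
    return mgr


if __name__ == "__main__":
    mgr = run_ids(DATA_SOURCE, active=True)
    for note in mgr.notifications:
        print(note)
    print("blocked:", sorted(mgr.blocked))
```

With `active=False` the manager only records the two notifications; with `active=True` it also blocks 203.0.113.7. Because the block keys on the source address taken from the log, an attacker who can cause failures to be logged under a spoofed or shared address would get that address blocked, which is the denial-of-service risk that makes passive response the safer default.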

Be able to explain the purpose of a honey pot. A honey pot is a system that is intended to gather information about attackers, or to shunt an attacker toward a system that is designed to be broken into instead of production systems. Honey pot systems are used to gather evidence in an investigation and to study attack strategies. Because no legitimate user has a reason to connect to one, any activity on a honey pot is suspicious by definition, which makes it a low-noise detection source.

Know the aspects needed to form an effective incident response. The stages of an incident response are identification, investigation, repair, and documentation. Communication and escalation plans are also part of an effective incident response approach. The process and methods used to respond to incidents should be written into an incident response plan that serves as the guideline for all incident response activities.

Know the protocols and components of a wireless system. The backbone of an 802.11 wireless LAN is the access point (often abbreviated WAP or AP), which bridges wireless clients onto the wired network. The access point can use the WEP protocol to encrypt traffic between itself and its clients, but WEP builds its RC4 keystream from the shared key and a 24-bit IV that is sent in the clear, so the keystream repeats once IVs repeat and the protocol provides only weak protection. Do not confuse the access point with WAP, the Wireless Application Protocol, a protocol stack for mobile handsets that performs a role similar to TCP/IP; WTLS (Wireless Transport Layer Security) is the security layer of that WAP stack.

Know the capabilities and limitations of the 802.11 network standards. The standards for wireless LANs are 802.11 (the original 1997 standard, 1 or 2 Mbps in the 2.4 GHz band), 802.11b (up to 11 Mbps at 2.4 GHz), 802.11a (up to 54 Mbps in the 5 GHz band, not interoperable with 802.11b/g radios), and 802.11g (up to 54 Mbps at 2.4 GHz, backward compatible with 802.11b). 802.11g was ratified by the IEEE in 2003 and is a formal standard. The figures are raw signaling rates; usable throughput is lower, and 2.4 GHz devices share the band with other equipment and with each other.
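As an added example (not from the study guide or any vendor's implementation), the following Python implements RC4 and a simplified WEP frame encryption, with the 24-bit IV prepended to the shared key and a CRC-32 integrity check value appended to the payload and no 802.11 header handling, and then shows the keystream-reuse limitation: two frames encrypted under the same IV leak the XOR of their plaintexts, so one known plaintext recovers the other without the key. The key, IV and frame contents are constructed for illustration.

```python
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """RC4 key scheduling (KSA) followed by the output generator (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(plaintext: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext, little-endian."""
    return zlib.crc32(plaintext).to_bytes(4, "little")


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Simplified WEP frame body: IV || RC4(IV || key)(plaintext || ICV)."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    data = plaintext + icv(plaintext)
    return iv + xor_bytes(data, rc4_keystream(iv + key, len(data)))


def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    """Receiver side: strip the IV, regenerate the keystream, check the ICV."""
    iv, body = frame[:3], frame[3:]
    data = xor_bytes(body, rc4_keystream(iv + key, len(body)))
    plaintext, tag = data[:-4], data[-4:]
    if icv(plaintext) != tag:
        raise ValueError("ICV check failed")
    return plaintext


def recover_with_keystream_reuse(frame_a: bytes, known_plaintext_a: bytes, frame_b: bytes) -> bytes:
    """Attacker's view. Two frames under one IV share one keystream, so
    C_a XOR C_b = P_a XOR P_b. Knowing P_a (a predictable message such as an ARP
    request) yields the keystream, and with it P_b, without ever learning the key."""
    if frame_a[:3] != frame_b[:3]:
        raise ValueError("frames do not share an IV; their keystreams differ")
    keystream = xor_bytes(frame_a[3:], known_plaintext_a + icv(known_plaintext_a))
    body_b = frame_b[3:]
    if len(body_b) > len(keystream):
        raise ValueError("recovered keystream is shorter than the target frame")
    return xor_bytes(body_b, keystream)[:-4]   # drop frame B's ICV


# Constructed demonstration values: a 40-bit key and an IV that gets reused.
KEY = bytes.fromhex("0102030405")
IV = bytes([0x00, 0x00, 0x01])
KNOWN = b"ARP who-has 10.0.0.1 tell 10.0.0.2"   # constructed stand-in for a predictable frame
SECRET = b"GET /payroll HTTP/1.0"

if __name__ == "__main__":
    frame_a = wep_encrypt(KEY, IV, KNOWN)
    frame_b = wep_encrypt(KEY, IV, SECRET)
    print("legitimate receiver:", wep_decrypt(KEY, frame_b))
    print("attacker, no key:   ", recover_with_keystream_reuse(frame_a, KNOWN, frame_b))
```

The 24-bit IV gives only 16,777,216 keystreams per key, so a busy network repeats one within hours, and implementations that reset the IV counter on start repeat sooner. The key-recovery attacks on WEP that exploit weak IVs are a separate, documented problem not shown here; this block only demonstrates why a repeated keystream is fatal for a stream cipher.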

Know the vulnerabilities of wireless networks. The primary method of gaining information about a wireless network is a site survey, which can be accomplished with a PC and an 802.11 card; the same technique in an attacker's hands is called wardriving. Wireless networks are subject to the same attacks as wired networks, plus attacks that exploit the radio medium: eavesdropping and unauthorized association from outside the physical perimeter, rogue access points that impersonate the legitimate network, and jamming. A site survey conducted from outside the building shows what an attacker in the parking lot can reach.
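An added example, not from the study guide: a small Python check of the kind an administrator would run over site-survey results. It takes constructed scan records (SSID, BSSID, channel, encryption, signal), compares them against a constructed inventory of authorized access points, and flags rogue access points that advertise a corporate SSID from an unknown BSSID as well as authorized access points that run open or with WEP. The record format and the inventory are assumptions for illustration, not the output format of any particular survey tool.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class ScanRecord:
    ssid: str
    bssid: str       # access point MAC address
    channel: int
    encryption: str  # "open", "WEP", "WPA" or "WPA2"
    signal_dbm: int  # received signal strength at the survey point


# Constructed scan results, standing in for what a laptop with an 802.11 card reports.
SCAN = [
    ScanRecord("corp-wifi", "00:11:22:33:44:01", 1, "WPA2", -55),
    ScanRecord("corp-wifi", "00:11:22:33:44:02", 6, "WPA2", -60),
    ScanRecord("corp-wifi", "de:ad:be:ef:00:01", 11, "open", -48),  # corporate SSID, unknown radio
    ScanRecord("legacy-scanner", "00:11:22:33:44:09", 11, "WEP", -70),
    ScanRecord("coffee-shop", "66:77:88:99:aa:bb", 3, "open", -85),  # a neighbour, not ours
]

# Constructed inventory of the access points the organization actually deployed.
AUTHORIZED_BSSIDS = {"00:11:22:33:44:01", "00:11:22:33:44:02", "00:11:22:33:44:09"}
CORP_SSIDS = {"corp-wifi", "legacy-scanner"}
WEAK = {"open", "WEP"}


def assess_survey(scan, authorized_bssids, corp_ssids):
    """Return (finding_kind, bssid, description) tuples for records that need attention."""
    findings = []
    for r in scan:
        if r.ssid in corp_ssids and r.bssid not in authorized_bssids:
            # An unknown radio advertising our SSID: a rogue or "evil twin" access point.
            findings.append(("rogue_ap", r.bssid,
                             f"{r.bssid} advertises {r.ssid!r} ({r.encryption}, ch {r.channel}) "
                             f"but is not in inventory"))
        if r.bssid in authorized_bssids and r.encryption in WEAK:
            findings.append(("weak_encryption", r.bssid,
                             f"{r.bssid} ({r.ssid!r}) runs {r.encryption}; traffic can be read off the air"))
    return findings


def strongest_per_ssid(scan):
    """Strongest signal seen per SSID from the survey point; a strong signal outside the
    perimeter means an attacker there can associate or eavesdrop comfortably."""
    best = {}
    for r in scan:
        if r.ssid not in best or r.signal_dbm > best[r.ssid].signal_dbm:
            best[r.ssid] = r
    return best


if __name__ == "__main__":
    for kind, bssid, text in assess_survey(SCAN, AUTHORIZED_BSSIDS, CORP_SSIDS):
        print(f"{kind:16} {text}")
    for ssid, r in strongest_per_ssid(SCAN).items():
        print(f"{ssid:16} strongest signal {r.signal_dbm} dBm from {r.bssid}")
```

On the constructed data the open radio with the corporate SSID is both flagged as rogue and the strongest "corp-wifi" signal at the survey point, which is exactly the evil-twin pattern: clients prefer the stronger signal, and an open network lets the operator read everything they send.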

Know the capabilities and security associated with instant messaging. IM is a rapidly growing interactive communications capability on the Internet. IM is susceptible to sniffing, jamming, and viruses. IM traffic is generally sent without encryption, so never assume that an IM session is confidential. Viruses can be sent through IM file transfers just as they can through e-mail attachments; antivirus software can help filter for known viruses but cannot catch malware it has no signature for.



CompTIA Security+ Study Guide. Exam SY0-101
ISBN: 078214098X
Year: 2006
Pages: 167
