Frequently Asked Questions (FAQ)

Previous page
Table of content
Next page

1:

Are IDSs similar to firewalls?

A1:

Intrusion Detection is considered to be a complement to network firewalls because they extend the security management capabilities of system administrators/managers to include things like the following:

  • Monitoring and analysis of user and system activity

  • Auditing of system configuration and vulnerabilities

  • Assessing the integrity of critical system files and data files

  • Recognizing patterns of activity that reflect known attacks

  • Statistical analysis for abnormal activity patterns

  • Operating system audit trail management, with recognition of user activity that violates company policy

2:

Which is the preferred IDS: Host-based or network-based?

A2:

Network-based IDSs are the recommended solution because they protect every device on the network, detect problems quickly, and are not vulnerable to attack. Host-based IDSs are an effective solution in small networks where it is more cost-efficient to deploy multiple host-based IDSs rather than a single network-based IDS.


Previous page
Table of content
Next page
Network Sales and Services Handbook
Network Sales and Services Handbook (Cisco Press Networking Technology)
ISBN: 1587050900
EAN: 2147483647
Year: 2005
Pages: 269
Authors: Matthew J Castelli
BUY ON AMAZON
CISSP Exam Cram 2
Strategies for Information Technology Governance
SQL Hacks
Cisco CallManager Fundamentals (2nd Edition)
Mapping Hacks: Tips & Tools for Electronic Cartography
Special Edition Using Crystal Reports 10
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy