Deploying host-based idss, Computer Network Security

Deploying Host-Based IDSs

-Proper implementation of HIDSs can be painstaking and time-consuming task .The process of deployment begins with implementing most critical systems first Installation continues until either all systems are installed, or the organization reaches planned degree of coverage it is willing to live

MEASURING THE EFFECTIVENESS OF IDS

IDSs are evaluated by using two dominant metrics:
-Administrators evaluate number of attacks detected in the known collection of probes
-Administrators examine level of use at which IDSs fail

Evaluation of IDS might read: at 100 Mb/s, IDS was able to detect 97 percent of directed attacks as developing this collection can be tedious, most IDS vendors provide testing mechanisms which verify systems are performing as expected. These testing processes allows administrator to:
- Record and retransmit packets from virus or worm scan
-Record and retransmit packets from a virus or worm scan with incomplete
-TCP/IP session connections
-Conduct a real virus or worm scan against an invulnerable system

Posted Date: 10/9/2012 4:01:30 AM | Location : United States







Related Discussions:- Deploying host-based idss, Assignment Help, Ask Question on Deploying host-based idss, Get Answer, Expert's Help, Deploying host-based idss Discussions

Write discussion on Deploying host-based idss
Your posts are moderated
Related Questions
CARRIER  SENSE MULTIPLE ACCESS (CSMA) There is no central access management when computers transfer on Ethernet. For this solution the Ethernet employs CSMA to coordinate tran

Question: (a) i. Explain what is meant by Discretionary Access Control and Mandatory Access Control ii. Which method would be the most effective to ensure that users do

Question: a) There are two basic approaches to dealing with errors in the presence of pipelining. One way is Go-Back-N and the other strategy is Selective Repeat. i. Explain

Address resolution algorithms may be grouped into three basic types: Table lookup Closed-form computation Message Exchange 1. TABLE LOOKUP: In Table Loo

CRC can detect the following errors better than check sums. a) Vertical errors b) Burst errors a) VERTICAL ERRORS:  This kind of error happens due to a hardware fai

Describe the important features of application layer. The features of the application layer are as follows. 1. Efficient User Interface Design is explained below: Appli

ADDRESS RESOLUTION WITH TABLE LOOKUP : Resolution needs data structure that has information about address binding. A distinct address-binding table is used for every physical n

Problem: (a) What is the minimum length of a password that could be considered to be "strong" in the context of today's computing power? (b) The security of a PIN system,

IPv6 ADDRESSING IPv6 has 128-bit addresses. A 128-bit address adds network prefix and host suffix. An benefit of IPv6 addressing is that there is address classes i.e. prefix/s

Network Virtual Terminal It is a set of principles describing a very simple virtual terminal interaction. The NVT is needed in the start of a Telnet session. Communication wit