Question1 when running snort ids why valour there is no

Assignment Help Computer Engineering

Reference no: EM13349048

Question

1. When running Snort IDS why valour there is no alerts?

2. If we only went to a few web sites, why are there so many alerts?

3. What is compensation of logging more information to the alerts file?

4. What is disadvantage of logging more information to the alerts file?

5. What is compensation of using rule sets from the snort web site?

6. Describe at least one type of rule set you would want to add to a high level security network and give reasons?

7. If a person with malicious intent were to get into your network and have read or write access to your IDS log or rule set how could they use that information to their advantage?

8. An intrusion prevention system is able to either wait until it has all of the information it needs, or can allow packets through based on statistics (guessed or previously known facts). What is advantage and disadvantage of each approach?

9. So, the "bad guy" decides to do a Denial of Service on your Intrusion Prevention System. At least two things can happen; the system can agree to all traffic through (without being checked) or can deny all traffic until the system comes back up. What are the factors that you should consider in making this design decision?

10. What did you find mainly useful about this lab (please be specific)? What if anything was difficult to follow? What would you vary to make it better?

Reference no: EM13349048

Questions Cloud

Question 1which one of the different approaches to : question 1which one of the different approaches to organisation and management would you select as most relevant to the

Question1 use big-theta notation to classify traditional : question1. use big-theta notation to classify traditional grade school algorithms for addition and development. that is

Questionsuppose you have an array of numbers where each : questionsuppose you have an array of numbers where each value occurs at most twice.we consider sums of contiguous

Question 1 a electronic banking can be defined as the : question 1 a electronic banking can be defined as the automated delivery of new and traditional banking products and

Question1 when running snort ids why valour there is no : question1. when running snort ids why valour there is no alerts?2. if we only went to a few web sites why are there so

Questionyour company has revealed that it must develop : questionyour company has revealed that it must develop processes and infrastructure to keep up with its client

Questionconsider a scheduling problem where there are 5 : questionconsider a scheduling problem where there are 5 activities to be scheduled in four time slots. suppose we

Questionto take advantage of a string means to change the : questionto take advantage of a string means to change the first letter of each word in the string to uppercase. for

Question 1you have been approached by a tourism : question 1you have been approached by a tourism organisation to carry out marketing research for them. they have been

User Account

All Pages