While running Snort IDS, why may there be no alerts?

Reference no: EM132470

Question

1) While running Snort IDS, why may there be no alerts?

2) If we only went to a few web sites, why are there so many alerts?

3) What are the advantages of logging more information to the alerts file?

4) What are the disadvantages of logging more information to the alerts file?

5) What are the advantages of using rule sets from the Snort web site?

6) Describe at least one type of rule set you would want to add to a high-security network, and explain why.

7) If a person with malicious intent were to get into your network and have read or write access to your IDS log or rule set, how could they use that information to their advantage?

8) An intrusion prevention system can either wait until it has all of the information it needs, or allow packets through based on statistics. What are the advantages and disadvantages of each approach?

9) So, a "bad guy" decides to do a Denial of Service on your Intrusion Prevention System. At least two things can happen: the system can allow all traffic through, or it can deny all traffic until the system comes back up. What are the issues that you must consider in making this design decision?

10) What did you find particularly useful about this lab? What if anything was difficult to follow? What would you modify to make it better?


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd