User Account

All Pages

Discuss the monitoring zones

Assignment Help Management Information Sys
Reference no: EM131940502

Task 1:

Instructions: Add additional insight opinions or challenge opinions and you can visit a couple of the web sites contributed and share your opinion of these sites. Minimum of 150 words for each.

1) Full content data is information based on that network that allows analysts to derive session, alert, and statistical data (Bejtlich, 2005).

It offers both granularity as well as application relevance which makes its collection meaningful (Bejtlich, 2005). To obtain full content data, there are security monitoring products at play.

When discussing security monitoring products, it is important to discuss the monitoring zones. "Monitoring zones are locations where the traffic in those areas shares certain privileges, based on the level of trust afforded by a security engineer" (Bejtlich, 2005, p. 45). According to Bejtlich (2005), there are four of these zones, or considerations. They are the perimeter, the demilitarized zone, the wireless zone, and the intranet. The perimeter is where sensors are typically deployed (Bejtlich, 2005).

This is due to the fact that it receives the most visibility from class 1 attackers (Bejtlich, 2005). However, it is the most untrusted zone because of the vulnerability associated with the lack of control (Bejtlich, 2005). The demilitarized zone (DMZ) is another area where sensors are frequently deployed (Bejtlich, 2005). It includes the DMZ switch and firewall (Bejtlich, 2005).The wireless zone is all machines that have wireless connectivity (Bejtlich, 2005).

It includes the wireless network and wireless access point firewall (Bejtlich, 2005). The intranet is another zone where sensors can be deployed, even though the perimeter and demilitarized zone are the preferred zones (Bejtlich, 2005). Intranet sensors experience a lot of traffic (Bejtlich, 2005). This could be why the intranet is monitored by practitioners via the internal networks as well as the critical internal hosts (Bejtlich, 2005).

Reference

Bejtlich, R. (2005). Security monitoring: Beyond intrusion detection [E-Reader Version]. Retrieved from The Tao of Network Security Monitoring

2) If any business entity does not know what's happening on their networks it probably means they are always going to be way behind the curve when it comes to attacks.

That is where security monitoring products having full content data comes into play which will be very beneficial to analyze when and what is happening within their network which can help to decide what to do about them. Having full content data or capturing full packets provide the most flexibility and granularity when analyzing network-centric data.

Addition to collecting the full content data, it is imperative to collect the data where analyst can see the true internet destination IP address for traffic of interest, and where you can see the true internal source IP address for traffic of interest (Bejtilch, 2012). However, for some of the businesses there could become issue of disk storage when capturing full content data of the network and it can add increase the cost to the business.

In addition, disk might not be able to capture full content of aggregating traffic and ensuring that all data have been captured without significant loss at line speed can be difficult.

With that in mind, at the beginning it would be much easier to get started monitoring only HTTP or DNS and prioritize some of the network segments such as those with PII, those that require PCI compliance, or any other important network which is critical from business perspective.

In addition, by capturing data of some of the critical piece of network netflows will indicate if there is any problem and it will come to know if additional information is needed to monitor by capturing additional data of networks.

Number of Pages: 1 Page

Page Line Spacing: Double spaced (Default)

Academic Level: College

Paper Format: APA

Task 2

Instructions: Use examples from the readings, or from your own research, to support your views, as appropriate. Encouraged to conduct research and use other sources to support your answers. Be sure to list your references at the end. References must be in APA citation format.

A minimum of 250-300 words.

Describe and interpret the deployment considerations involved with using network security monitoring products to obtain full content data.

Number of Pages: 1 Page

Page Line Spacing: Double spaced (Default)

Academic Level: College

Paper Format: APA

Reference no: EM131940502

Questions Cloud

Summarize the content of the reading assignment : Summarize the content of the reading assignment and raise two or more substantially critical questions or substantial reactions to the reading of the day.
Create the plan to assemble a team : In creating the recommendation, evaluate each role selected, documenting the value that the team member will bring to the process.
How did life change after the industrial revolution : How did life change after the Industrial Revolution? Make a second list describing the ways that life was different after industrialization.
Describe steps for designing an effective training program : Describe the four steps for designing an effective training program (needs assessment-design-implementation-evaluation). Explain how each step works.
Discuss the monitoring zones : When discussing security monitoring products, it is important to discuss the monitoring zones. "Monitoring zones are locations where the traffic in those areas.
Discuss the wartime leadership styles of the men leading : Discuss the wartime leadership styles of the men leading three of these countries-Germany, the Soviet Union, Britain, the United States, and Japan.
Analyze the development of tort law : Analyze the development of tort law from the concept and degree of negligence to the application of the law to strict / product liability.
Discuss the components of hr planning and technology : Human Resources has faced and continues to face an assortment of changes within its own functions. As a result, careful planning is needed to establish changes.
Describe the behaviors of the sales force : HRM 533 Describe the behaviors of the sales force that are targeted with the compensation plan. Assess how a value proposition is achieved for current.

Reviews

Write a Review

Management Information Sys Questions & Answers

  Examine the potential reasons why the security risks

Suggest what you believe to be the best mitigation or defense mechanisms that would help to combat the Domain Name System Security Extensions (DNSSEC) concerns to which the article refers. Propose a plan that the U.S. government could use in order..

  Emerging technologies in the field that you are covering

For example if your name is John Doe, the file will submitted as DoeJ.docx. If you submit a screen recording be sure to test the link to either the screencastomatic or youtube server prior to submission. Do not attach the video file. Include a br..

  Draw the physical data flow diagrams

Service Request SR-rm-004 - Draw the physical data flow diagrams. Use Microsfot Visio to prepare examples of flow charts and data flow diagrams.

  Jake''s computer repair service exercise

Jake's Computer Repair Service Exercise - True or false? The cash basis of accounting is required under Generally Accepted Accounting Principles (GAAP) when preparing financial statements. Explain, if necessary.

  Discuss the challenges faced by the cio

Discuss the challenges faced by the CIO - which are the most important and why? Summarize the main purposes of information systems in organizations.

  Discuss the miniature research project and survey

Explain the ability of health information management to improve organizational competitiveness and performance. Apply the research process to topics in health information management.

  What challenge did lt gen baker issue to students

What challenge did Lt. Gen. Baker issue to students? List the title and author of the three books Lt. Gen. Baker recommended to learn more about this topic.

  Discuss positive consequences of each of three strengths

Discuss the plans, procedures, or other documents that were in place before the disaster in the General Information section of the template. Summarize what occurred during the response in the scenario in the General Information section of the temp..

  Design of user interfaces - systems analysis and design

Discuss the design of user interfaces is of critical importance in systems analysis and design

  What operating system does your computer use

What operating system does your computer use? What are some examples of applications residing in your personal computer? Do you use any apps or websites now that you think are cloud-based?

  Write an introductory statement of the company

Conduct a strengths, weaknesses, opportunities, and threats (SWOT) analysis for the business venture in question for the company.

  The it professional in charge of security for small pharmay

Suppose you are the IT professional in charge of security for a small pharmacy that has recently opened within a shopping mall.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd