Deploying host-based idss, Computer Network Security

Assignment Help:

Deploying Host-Based IDSs

-Proper implementation of HIDSs can be painstaking and time-consuming task .The process of deployment begins with implementing most critical systems first Installation continues until either all systems are installed, or the organization reaches planned degree of coverage it is willing to live

MEASURING THE EFFECTIVENESS OF IDS

IDSs are evaluated by using two dominant metrics:
-Administrators evaluate number of attacks detected in the known collection of probes
-Administrators examine level of use at which IDSs fail

Evaluation of IDS might read: at 100 Mb/s, IDS was able to detect 97 percent of directed attacks as developing this collection can be tedious, most IDS vendors provide testing mechanisms which verify systems are performing as expected. These testing processes allows administrator to:
- Record and retransmit packets from virus or worm scan
-Record and retransmit packets from a virus or worm scan with incomplete
-TCP/IP session connections
-Conduct a real virus or worm scan against an invulnerable system


Related Discussions:- Deploying host-based idss

Point to point transmission(ppp), Normal 0 false false fals...

Normal 0 false false false EN-US X-NONE X-NONE

How does message switching operate, Question: Human telephone conversat...

Question: Human telephone conversations are characterized by irregular pauses, alternating with irregular bursts of speech. In contrast, communication via computers is char

Encryption, How safe is the encryption of virtual private networks?

How safe is the encryption of virtual private networks?

Fragmentation format, FRAGMENTATION Fragmentation information is kept...

FRAGMENTATION Fragmentation information is kept in different extension header.  Every fragment has base header and fragmentation header. Whole datagram including original hea

Mention most relevant clause of iso 27001:2005, QUESTION (In this ques...

QUESTION (In this question, you will need to use the ISO 27001:2005 and ISO 27002:2005 standards) For each of the situations below, comment on the following: 1. Mention

Address resolution , Mapping between a hardware address and a protocol addr...

Mapping between a hardware address and a protocol address is known Address Resolution. A router or host uses address resolution when it requires to transmit a packet to another dev

Risk control strategies-risk management, Risk Control Strategies Once th...

Risk Control Strategies Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk: •    Apply safeguards wh

Distinguish between authorization and authentication, Question : (a) D...

Question : (a) Distinguish between authorization and authentication. (b) SSO (Single Sign On) implies a user logs in once and can access resources for a defined period of

Firewall analysis tools-information security, FIREWALL ANALYSIS TOOLS Th...

FIREWALL ANALYSIS TOOLS There are a number of tools automate remote discovery of firewall rules and assist the administrator in analyzing rules Administrators who feel wary of u

Difference between flow control and congestion control, (a) Describe briefl...

(a) Describe briefly the difference between flow control and congestion control in relation to a connection-oriented protocol such as TCP. (b)  What is the initial rate of data

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd