Deploying host-based idss, Computer Network Security

Assignment Help:

Deploying Host-Based IDSs

-Proper implementation of HIDSs can be painstaking and time-consuming task .The process of deployment begins with implementing most critical systems first Installation continues until either all systems are installed, or the organization reaches planned degree of coverage it is willing to live

MEASURING THE EFFECTIVENESS OF IDS

IDSs are evaluated by using two dominant metrics:
-Administrators evaluate number of attacks detected in the known collection of probes
-Administrators examine level of use at which IDSs fail

Evaluation of IDS might read: at 100 Mb/s, IDS was able to detect 97 percent of directed attacks as developing this collection can be tedious, most IDS vendors provide testing mechanisms which verify systems are performing as expected. These testing processes allows administrator to:
- Record and retransmit packets from virus or worm scan
-Record and retransmit packets from a virus or worm scan with incomplete
-TCP/IP session connections
-Conduct a real virus or worm scan against an invulnerable system


Related Discussions:- Deploying host-based idss

Determine the codeword which is transmitted using crc, Question (a) For...

Question (a) For the bit stream 010011, show the waveforms for each of the code indicated. Consider that the signal level for NRZ-L for mark is positive; the signal level for t

Example bus network , Ethernet is a commonly used LAN technology. It was di...

Ethernet is a commonly used LAN technology. It was discovered at EXROX PARC(Palo Alto Research Center) in 1970s.Xerox, Intel and Digital described it in a standard so it is also kn

Ids response behavior, IDS RESPONSE BEHAVIOR Once IDS detects an anomalo...

IDS RESPONSE BEHAVIOR Once IDS detects an anomalous network situation, it has a number of options. IDS responses to external stimulation can be classified as active or passive.

Tcp and udp, TCP and UDP End-to-end delivery application is connection...

TCP and UDP End-to-end delivery application is connection less. The basic function of connectionless service are as given: It adds extension of LAN abstraction. It has simp

Topology, What is the concept of topology?

What is the concept of topology?

Compare the suitability and properties of isdn and adsl, Question : An a...

Question : An aircraft manufacturing company is considering linking the network of one of its offices to the network of its Headquarter using either xDSL or ISDN. i. Compare

Difference between synchronous tdm and statistical tdm, Question (a) A CRC...

Question (a) A CRC is constructed to generate a 4-bit FCS for an 11-bit message. The divisor polynomial is X 4 + X 3 + 1 (i) Encode the data bit sequence 00111011001 using po

Improving domain blacklisting - spam mail, Improving domain blacklisting: ...

Improving domain blacklisting: Current domain blacklisting techniques are not very effective as spammers keep replacing blacklisted domains with newly registered domains. Also

Describe how lower bounds on arc flows, QUESTION: (a) Suppose the graph ...

QUESTION: (a) Suppose the graph below, use the Flow Decomposition method to list the cycles and paths produced. (b) Describe how Lower Bounds on Arc Flows are eliminated

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd