Deploying host-based idss, Computer Network Security

Assignment Help:

Deploying Host-Based IDSs

-Proper implementation of HIDSs can be painstaking and time-consuming task .The process of deployment begins with implementing most critical systems first Installation continues until either all systems are installed, or the organization reaches planned degree of coverage it is willing to live

MEASURING THE EFFECTIVENESS OF IDS

IDSs are evaluated by using two dominant metrics:
-Administrators evaluate number of attacks detected in the known collection of probes
-Administrators examine level of use at which IDSs fail

Evaluation of IDS might read: at 100 Mb/s, IDS was able to detect 97 percent of directed attacks as developing this collection can be tedious, most IDS vendors provide testing mechanisms which verify systems are performing as expected. These testing processes allows administrator to:
- Record and retransmit packets from virus or worm scan
-Record and retransmit packets from a virus or worm scan with incomplete
-TCP/IP session connections
-Conduct a real virus or worm scan against an invulnerable system


Related Discussions:- Deploying host-based idss

Provide a suitable network infrastructure for the campus, QUESTION a) ...

QUESTION a) Below is a capture of an Ethernet II frame which contains an IPv4 packet and a segment. Give the source MAC address in hexadecimal; the source IP address, the uppe

Cryptography, hi have a look and tell me if u can do it. if u can do Q1then...

hi have a look and tell me if u can do it. if u can do Q1then i will allow u to do Q2

Hardware, Hardware, Software, and Network Asset Identification What info...

Hardware, Software, and Network Asset Identification What information attributes to track is dependent on: •    Requires of organization/risk management efforts •    Management

Network management system, Question (a) Draw a typical hybrid star-rin...

Question (a) Draw a typical hybrid star-ring topology paying attention to how the clients and switching hubs are connected. (b) State 3 main differences between a router

Which authorization model could be ideal, Question: (a) Your office ad...

Question: (a) Your office administrator is being trained to take server backups. Which authorization model could be ideal for this situation: MAC, DAC or RBAC? Justify your a

Caralouer case study: analysis and design techniques, CarALouer provides re...

CarALouer provides rental of cars to its customer on a regional basis i.e. a car is attached to a regional home-base which also houses a regional office of the company. Each regi

Functional areas in network management, Question 1 a) Explain how CSMA...

Question 1 a) Explain how CSMA/CD works. b) Describe the term "exponential back-off". c) Describe the differences between "circuit switching" and "packet switching". d) Th

Summarises the firewall protocols, Your rules should ensure that Internet a...

Your rules should ensure that Internet access will be restricted to the following: Only the following services will be permitted as OUTBOUND traffic (to the Internet from the DM

Issue-specific security policy (issp), Issue-Specific Security Policy (ISSP...

Issue-Specific Security Policy (ISSP) The ISSP addresses specific areas of technology, needs frequent updates and having statement on organization’s position on a particular iss

Arp responses, ARP RESPONSES Let's search out how does a computer know...

ARP RESPONSES Let's search out how does a computer know whether an incoming frame have an ARP message. The type field in the frame header defines that the frame contain an ARP

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd