LP3 Assignment IDPS Tools

1. A key feature of hybrid IDPS systems is event correlation. Define the following terms as they are used in this process: compression, suppression, and generalization.

Host-based IDS: In a host-based system (HIDS), the sensor usually consists of a software agent, which monitors all activity of the host on which it is installed.

Protocol-based IDS: A protocol-based intrusion detection system (PIDS) consists of a system or agent at the front end of a server. The PIDS monitors and analyzes a specific communication protocol between a connected device and the server. For a web server, this would typically monitor the HTTP/HTTPS protocol stream.

Application protocol-based IDS: An application protocol-based intrusion detection system (APIDS) consists of a system or agent that is typically installed within a group of servers, monitoring and analyzing the communication on application-specific protocols. For example, in a web server with a database, an APIDS would monitor the SQL protocol specific to the middleware/business logic as it transacts with the database.

Hybrids: A hybrid intrusion detection system combines two or more of the above approaches. Host agent data is combined with network information to form a more comprehensive view of the network.

Passive IDS: In a passive system, the intrusion detection system (IDS) sensor detects a potential security breach, logs the information, and signals an alert on the console or passes it along to the NOC, a syslog server, or someplace else for further action.