Unit 7-2 Audit [Compatibility Mode] - 12/19/2010 1 Unit 7:...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 12/19/2010 1 Unit 7: Audit and Intrusion Unit 7: Audit and Intrusion Detection Detection Part 2 Click Here to Start Audio Security Audit Analysis Security Audit Analysis (FAU_SAA) (FAU_SAA) c Analyze Audit Information Looking for Security Violations c FAU_SAA.1: Fixed Rule Set c FAU_SAA.2 Profile Based on User Profile c FAU_SAA.3 Simple Attack Heuristics - Signature Events c FAU_SAA.4 Complex Attack Heuristics - Multi-step Intrusion Scenarios Intrusion Detection Intrusion Detection Methodologies Methodologies c Attack Profile - Looks for specific known attack profiles (FAU_SAA.1, 3,4) c Behavior Profile - Application behavior is profiled over time and then abnormalities can be detected (FAU_SAA.2). 12/19/2010 2 Attack Attack-Based Intrusion Based Intrusion Detection Systems Detection Systems c Many Widely Available c Most Focus on Network Penetration Attacks (e.g., Firewalls) Microsoft’s Internet Security Microsoft’s Internet Security Acceleration(ISA) Server Acceleration(ISA) Server...
View Full Document

This note was uploaded on 02/20/2011 for the course TECH 7375 taught by Professor June during the Spring '11 term at University of Arkansas for Medical Sciences.

Page1 / 4

Unit 7-2 Audit [Compatibility Mode] - 12/19/2010 1 Unit 7:...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online