Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
25 Cards in this Set
- Front
- Back
|
Defined as a system that monitors a network and scan it. |
Intrusion Detection and Prevention System ( IDPS ) |
|
|
only monitors and alerts bad traffic |
IDS |
|
|
Take automated course of action to prevent possible incidents. |
IPS |
|
|
also gives the security team birds eye view of the traffic flowing through its network. |
IDS-IPS |
|
|
monitor entire networks segments for malicious traffic. This is usually done by analyzing protocol activity. |
NETWORK-BASED INTRUSION PREVENTION SYSTEM ( NIPS ) |
|
|
usually deployed at network boundaries behind firewalls routers and remote access. |
NIPS — NETWORK-BASED INTRUSION PREVENTION SYSTEM |
|
|
monitor wireless networks by analyzing wireless networking specific protocols. |
Wireless Intrusion Prevention System ( WIPS ) |
|
|
deployed within the wireless network and in areas that are susceptible to unauthorized wireless networking. |
WIPS — Wireless Intrusion Prevention System |
|
|
analyze deviations in protocol activity, network behavior analysis systems identify threats by checking for unusual traffic patterns. |
NETWORK BEHAVIOR ANALYSIS ( NBA ) |
|
|
are deployed in an organization's internal networks and at points where traffic flows between internal and external networks. |
NBA — NETWORK BEHAVIOR ANALYSIS SYSTEM |
|
|
differ from the rest in that they're deployed in a single host. |
HOST-BASED INTRUSION PREVENTION SYSTEM ( HIPS ) |
|
|
traffic flowing in and out of that particular host by monitoring running processes |
HIPS — HOST-BASED INTRUSION PREVENTION SYSTEM |
|
|
These tools continuously monitor network traffic and systems for signs of malicious activity, allowing for rapid response to security threats. |
REAL-TIME MONITORING |
|
|
IDPS tool should allow users to enforce intrusion rules. |
INTRUSION RULES ENFORCEMENT |
|
|
Another important feature of IDS tools is maintaining detailed logs. |
Activity Logs and Insights |
|
|
Immediately identify a malicious presence as soon as it is felt within the network. |
MALICIOUS PRESENCE DETECTION |
|
|
The IDS tools should block intruders and mitigate the damage they cause. |
MALICIOUS PRESENCE BLOCKING |
|
|
single service or computer on a network that is configured to act as a decoy attracting and trapping would be attackers. |
HONEYPOTS |
|
|
TWO PRIMARY TYPES OF HONEYPOTS |
— PRODUCTION HONEYPOTS — RESEARCH HONEYPOTS |
|
|
serve as decoy system inside fully operating networks and servers often as part of an intrusion detection system ( IDS ) |
PRODUCTION HONEYPOTS |
|
|
Used for educational purposes and security enhancement. |
RESEARCH HONEYPOTS |
|
|
honeypots can also be viewed in another dimension based on interaction levels. |
1. LOW INTERACTION HONEYPOTS 2. MEDIUM INTERACTION HONEYPOTS 3. HIGH INTERACTION HONEYPOTS |
|
|
This class gives the attackers some small insights and network control. |
LOW INTERACTION HONEYPOTS |
|
|
This model allows relatively more interaction with hackers unlike the low interaction ones. |
MEDIUM INTERACTION HONEYPOTS |
|
|
are decoy network containing collections of honeypots in highly monitored networks. |
HONEYNETS |
