
THE SECURITY OF NETWORK

Discuss the problems with relying on IDS/IPS solutions and the information required to create a good NIDS signature. Provide examples of a good HIDS and NIDS anomaly signature. Explain how modern host-based anti-virus software works and how it protects against unknown threats. Discuss ways to better protect host machines against unknown threats. Evaluate the necessity of anti-virus software in today's computing environment. Compare the advantages of using VirusTotal for identifying suspicious files over local AV clients.


Added on  2022-08-22

Running head: SECURITY OF NETWORK
Table of Contents
Question 1:
Question 2:
Question 3:
Question 4:
Question 5:
Question 6:
References
Question 1:
The problems with relying on IDS/IPS solutions are as follows:
i) Noise can severely limit the effectiveness of an intrusion detection system (Nigam, Minero & Haenggi, 2014).
ii) Bad packets generated by software bugs.
iii) Corrupt DNS data.
iv) They cannot see into encrypted packets.
An example of a good host-based IDS (HIDS) is SolarWinds Log & Event Manager. It has since been renamed Security Event Manager. It offers capabilities similar to the previous version, along with some new features. It is an all-in-one SIEM toolkit that security professionals use to simplify detecting and investigating security issues from event log data.
Figure 1: Security Event Manager
(Source: Mohaisen & Alrawi, 2014)
It offers capabilities similar to the previous version, along with some new features that will be helpful for the user. The software can identify and respond to threats rapidly. It also lets the user see value quickly and eases compliance audits and reporting. It has hundreds of pre-built connectors that collect logs from various sources, parse the data and put it into a common readable format, creating a central location where the user can easily investigate potential threats, store logs and prepare for audits.
An example of a network-based IDS (NIDS) is Snort. It is an open-source NIDS created by Martin Roesch. It is a packet sniffer that monitors network traffic in real time, closely inspecting every packet to detect suspicious anomalies or risky payloads. It is based on libpcap, the packet capture library used in TCP/IP traffic sniffers and analysers.
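The sketch below is an added example, not part of the original essay and not Snort's own code: a small content-signature matcher in the style of the per-packet inspection described above, run over constructed packets to show limitation iv) from Question 1, where the same payload no longer matches once it is encrypted. The `Packet` and `Signature` types, the sids, the marker string and `toy_encrypt` (an XOR keystream standing in for TLS) are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass
class Packet:
    proto: str
    dst_port: int
    payload: bytes

@dataclass
class Signature:
    sid: int
    msg: str
    proto: str
    dst_port: int
    content: bytes  # byte pattern searched for in the payload

def inspect(packet, signatures):
    """Return the sids of every signature whose header fields and content match."""
    return [s.sid for s in signatures
            if s.proto == packet.proto
            and s.dst_port == packet.dst_port
            and s.content.lower() in packet.payload.lower()]

def toy_encrypt(data, key):
    """Assumed stand-in for TLS: XOR with a SHA-256 keystream (not real crypto)."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

# Constructed signatures and traffic, for illustration only.
MARKER = b"BAD-PAYLOAD-MARKER"
SIGS = [Signature(1000001, "marker in cleartext HTTP", "tcp", 80, MARKER),
        Signature(1000002, "marker on port 443", "tcp", 443, MARKER)]
BODY = b"POST /upload HTTP/1.1\r\nHost: example.test\r\n\r\n" + MARKER

def demo():
    plain = Packet("tcp", 80, BODY)
    benign = Packet("tcp", 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n")
    # Same bytes after encryption: the sensor sees only ciphertext.
    encrypted = Packet("tcp", 443, toy_encrypt(BODY, b"constructed-session-key"))
    return inspect(plain, SIGS), inspect(benign, SIGS), inspect(encrypted, SIGS)

if __name__ == "__main__":
    print(demo())
```

The signature written for port 443 has the right header fields and still never fires, which is why a network sensor needs decrypted traffic or host-side telemetry to cover encrypted sessions.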