Chapter 3. Intrusion Detection Concepts

Upon completion of this chapter, you will be able to perform the following tasks:

  • Describe the basic types of devices used to capture traffic for your IDS sensors

  • Explain the commands used to monitor network traffic using SPAN

  • Explain the difference between using SPAN and RSPAN

  • Explain the commands used to monitor network traffic using VACLs

  • Identify the steps used to define a VACL

Before deploying an intrusion detection system (IDS), you must understand the benefits that an IDS provides. An IDS is software and possibly hardware that detects attacks against your network. Besides detecting attacks, most IDSs also provide some type of active response to the attacks, such as resetting TCP connections and updating ...
