10.5. Task 10.5: Implementing a Host-Based Intrusion Detection System

A common security practice is to implement monitoring devices or applications on the network and on critical systems to identify, alert on, and sometimes block undesirable traffic and attempted access. Intrusion detection systems (IDSs) monitor, analyze, and log traffic, watching for attacks. If an attack is detected, the IDS will alert administrators of the perceived attack, requiring human reaction and intervention.

Intrusion protection systems (IPSs) are an extension of the IDS. IPSs monitor, analyze, and log traffic, watching for attacks. If an attack is detected, the IPS will alert administrators of the perceived attack and will take automatic and programmed action in an ...

Get Security Administrator Street Smarts: A Real World Guide to CompTIA Security+™ Skills, Second Edition now with the O’Reilly learning platform.
