10.5. Task 10.5: Implementing a Host-Based Intrusion Detection System

A common security practice is to implement monitoring devices or applications on the network and on critical systems to identify, alert, and sometimes block undesirable traffic and attempted access. Intrusion detection systems (IDSs) monitor, analyze, and log traffic watching for attacks. If an attack is detected, the IDS will alert administrators of the perceived attack, requiring human reaction and intervention.

Intrusion protection systems (IPSs) are an extension of the IDS. IPSs monitor, analyze, and log traffic watching for attacks. If an attack is detected, the IDS will alert administrators of the perceived attack, and will take automatic and programmed action in an ...

Get Security Administrator Street Smarts: A Real World Guide to CompTIA Security+™ Skills, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.