This chapter covers the following TruSecure-specified objectives for the TICSA exam:
Describe, recognize, or select good intrusion-detection methodologies, applications and disaster recovery, and forensic practices.
When you connect yourself to an external network, such as the Internet, you open yourself to attack. Even if you practice the best security, there is always a chance that your network will experience an intrusion. Knowing what you should have in place to help yourself in these situations is paramount. Equipping yourself with such items as disaster recovery plans and the knowledge of what to look for when performing forensic investigations can help you learn from your mistakes ...