From the course: Ethical Hacking: Evading IDS, Firewalls, and Honeypots
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Intrusion response techniques
From the course: Ethical Hacking: Evading IDS, Firewalls, and Honeypots
Intrusion response techniques
- [Instructor] When architecting a system, it's important to provide defense in depth. One of the leading security architecture frameworks, the Sherwood Applied Business Security Architecture, or SABSA, provides a model of defense in depth controls called the Multitier Control Strategy. We can see that it incorporates second-layer prevention and fourth-layer detection and notification controls. Let's look at what we do for detection controls. An intrusion detection system, or IDS, provides a means of detecting and notifying the security operator that an intrusion may have been detected based on its match to a known attack signature. IDS systems may be network-based devices, sometimes called NIDS, or host-based systems, called HIDS. IDS systems require regular signature updates in order to be able to detect the most up-to-date attacks. A typical business environment would do signature updates every two to three hours, whereas a home user may only schedule signature updates daily or…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.