Mike Meyers' CompTIA Security+ Certification Passport (Exam SY0-401) by Dawn Dunkerley

Author:Dawn Dunkerley
Language: eng
Format: epub
Tags: -
Publisher: McGraw-Hill Education
Published: 2014-05-02T16:00:00+00:00

Travel Advisory

Network-based intrusion systems also are not effective in monitoring encrypted communications, such as over a virtual private network (VPN).

When an intrusion is detected, the system works in either an active or a passive way to alert an administrator of the problem. A passive system will only send warnings and alarms through log files, e-mail, instant message, or SMS message. An active system tries to fix the problem by shutting off certain services or preventing connections from a suspicious host.

Active Detection

An NIDS that uses active detection methods can take immediate steps to halt an intrusion. These types of systems are also called network intrusion prevention systems (NIPSs) because they actively attempt to prevent intrusions rather than just detect them. The advantage of this method is that it can attempt to prevent the intrusion from continuing. Active detection prevents the suspicious activity from expanding into actual damage or data loss. This is a great advantage over passive detection systems, which merely log the incident or send an e-mail to the administrator, who might not see the message for many hours before she can perform any preventive actions. By then, it could be too late.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.