PGU Securing the Network with an Intrusion Detection System Summary

Description

Securing the Network with an Intrusion Detection System (IDS)

Outcomes addressed in this activity:

Unit Outcomes:

Define the term computer forensics.

Conduct a basic forensics exercise using Snort¼/p>

Illustrate the importance of audit logs to forensics investigations.

Examine how various forensics tools are used.

Examine the phases of a forensics investigation.

Illustrate basic encryption techniques.
Course Outcome:
IT540-2: Secure computer network data.
Purpose
This lab is designed to help you become familiar with implementing an Intrusion Detection System (IDS) to secure a computer network.
Lab Instructions

Part 1: Securing the Network with an Intrusion Detection System (IDS)

Complete Jones & Bartlett Lab: Securing the Network with an Intrusion Detection System (IDS) in this lab section.

The following resources will help you get oriented in the lab environment: the Common Lab Tasks Manual and J and B Lab Tips. The manual will provide detail and the tips are a very abbreviated reference.

In the lab environment, you will find instructions for the specific lab, which can be downloaded. Follow the instructions.

Use the Unit 3 Lab Worksheet to record and submit your results.

Part 2: Hypothetical Break-In

Consider the following five questions and write an essay response to each one.

How do you go about finding information when you have been told that there has been a break-in?

What servers were compromised?

Was network equipment comprised?

What user accounts were employed to do gain access?

What vulnerabilities were exploited?

What can be done to prevent a recurrence?

2 attachments

Slide 1 of 2

attachment_1

attachment_1
attachment_2

attachment_2

Unformatted Attachment Preview

Lab #10 – Assessment Worksheet
Securing the Network with an Intrusion Detection System (IDS)
Course Name and Number:
________________________________________________________________
Student Name:
________________________________________________________________
Instructor Name:
________________________________________________________________
Lab Due Date:
________________________________________________________________
Lab Assessment Questions & Answers
1. What is the difference between an IDS and an IPS?
2. Why is it important to perform a network traffic baseline definition analysis?
3. Why is a port scan detected from the same IP on a subnet an alarming alert to
receive from your IDS?
4. If the Snort IDS captures the IP packets off the LAN segment for examination, is
this an example of promiscuous mode operation? Are these packets saved or
logged?
5. What is the difference between a host-based IDS and a network-based IDS?
6. How can you block attackers, who are performing reconnaissance and probing,
with Nmap and Nessus port scanning and vulnerability assessment scanning
tools?
7. Why is it a good idea to have host-based intrusion detection systems enabled on
critical servers and workstations?
8. Where should you implement intrusion prevention systems in your IT
infrastructure?

Purchase answer to see full
attachment

Explanation & Answer:

4 pages

User generated content is uploaded by users for the purposes of learning and should be used following Studypool’s honor code & terms of service.



^{Have a similar assignment? "Place an order for your assignment and have exceptional work written by our team of experts, guaranteeing you A results."}

Our Service Charter

1. Professional & Expert Writers: Eminence Papers only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed of papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Eminence Papers are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Eminence Papers are known for the timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit in all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Eminence Papers, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.