Hello and welcome back to Cybrary's 2019 CompTIA Security+ Certification Preparation course.
We're going to continue our discussion of module two,
and the topic of discussion is domain two, technology and tools.
Here again is the objective which encompasses this particular domain, one of the many objectives. And it's 2.1:
installing, configuring network components, both hardware- and software-based, to support organizational security.
The first item on the agenda is a pre-assessment quiz.
You need to determine whether this statement I'm going to read is either true
or false. So without further ado: network intrusion detection systems, or NIDS,
a system that attempts to detect hacking activity,
denial-of-service attacks or port scans on a computer network or computer itself. Is that true or false?
If you selected true, you're absolutely correct.
Here again is the objective which encompasses this particular domain, one of many objectives,
and here again are the key topics we're going to discuss during this particular video,
ranging from network intrusion detection systems with network intrusion prevention systems. We take a look at signature-based, all the way down to
false positives versus false negatives as well.
So when we look at a network intrusion detection system,
basically it is a type of IDS that attempts to detect malicious network activities, such as port scans or DoS attacks, by constantly monitoring your network traffic.
The network intrusion detection system will then report any issues that it finds to the network administrator, as long as it's configured properly. The key thing I want to mention here: as long as it's configured properly. These particular devices do not come out of the box preconfigured; you as an administrator have to set them up.
You set what we call your initial baseline security.
And obviously, as the threats become much more sophisticated, you may need to go back in and tweak those initial baseline settings that you set up on that particular, again, network intrusion detection system.
And then there's the intrusion prevention system. An intrusion prevention system is designed to inspect the traffic, and based on its configuration or security policy, it can remove, detain or redirect malicious traffic in addition to simply detecting it.
What the intrusion detection system does is detect. It detects potential malicious activity,
and then what it does, it notifies you as administrator.
On the other hand, if you set up and configure a network intrusion prevention system, you can have it set up so that when it detects some type of malicious traffic, it can literally shut down that port. And once it's shut down that particular port, what happens is the attack can no longer continue to occur.
Now we look at intrusion detection systems and intrusion prevention systems. Two other security techniques developed to secure networks are intrusion detection systems and prevention systems. An IDS solution is designed to detect unauthorized user activity, attacks
and network compromise.
Additionally, the intrusion prevention system is very similar to the IDS, as I mentioned in the previous slide, except that in addition to detecting and alerting you, the IPS can take action to prevent a breach from actually occurring.
Your network intrusion detection system is used to monitor the network as well as protect the confidentiality, integrity and availability of the network. When we look at a network intrusion prevention system, a network intrusion detection system is a system that attempts to detect hacking activity, denial-of-service attacks or port scans on a computer network or a computer itself.
Let's take a look at some key concepts in regards to network intrusion prevention systems as well as network intrusion detection systems. Let's first of all begin by taking a look at the term called signature-based.
In this case, that uses a predefined set of rules to identify unacceptable events.
Anomaly: it uses defined expected patterns to events.
Heuristic/behavioral: in other words, it identifies how an entity acts in a specific environment.
Inline versus passive: when you look at inline, the sensor is inserted into the network segment so that the traffic that it is monitoring must pass through that sensor. A passive sensor, in other words, monitors a copy of the network traffic. The actual traffic does not pass through that particular, what we call, passive device.
Then we have in-band versus
out-of-band. In-band management involves managing your devices through the common protocols such as Telnet or SSH, using the network itself as the medium.
The typical out-of-band solution is to have an access server that is connected to the management port of each controlled device.
Rules are used to determine whether traffic is malicious or should be allowed, and whether it generates an alert.
Analytics: basically, it's a scientific process of discovering and communicating the meaningful patterns which can be found in data. It's concerned with turning raw data into, obviously, great management information, in other words.
False positive: something that is identified by a scanner or other assessment tool as being a vulnerability, in other words, when in fact it's not.
Hence the term false positive.
False negative: something that is identified by a scanner or other assessment tool as not being a vulnerability when in fact it is.
This brings us to our post-assessment question. Again, here's another statement, and you need to determine whether this statement is true or false.
So without further ado: an intrusion prevention system is very similar to an IDS, except that in addition to detecting and alerting, the intrusion prevention system can also take action to prevent
the breach from occurring.
If you said true, you're absolutely correct.
Let's now turn our attention toward some key takeaways from this particular video.
We learned that a network intrusion detection system is a type of IDS that attempts to detect malicious network activities, such as port scans and DoS attacks, by constantly monitoring your network traffic.
A network intrusion detection system, or prevention system, in other words, is a system used to monitor the network as well as to protect the confidentiality, integrity and availability of the network.
Your network intrusion detection system is the system that attempts to detect hacking activities, denial-of-service attacks or port scans on a computer network.
In the upcoming video, we continue on with our discussion of 2.2: given a scenario, use appropriate software tools to assess the security posture of an organization.
I look forward to seeing you in the very next video.
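
Added example, not part of the video: a signature rule and an anomaly baseline run over the same constructed traffic and scored for false positives and false negatives, with the baseline limit then tuned as the lecture describes. The addresses, the Telnet rule, the ground-truth labels and the limits are all assumptions made for illustration, and the false positive and false negative definitions are applied here to detector alerts rather than to scanner findings.

```python
from collections import defaultdict

# Constructed sample traffic: (source IP, destination port). Not real data.
EVENTS = [
    ("10.0.0.5", 80), ("10.0.0.5", 443),                   # ordinary user
    ("10.0.0.6", 80), ("10.0.0.6", 443), ("10.0.0.6", 445),
    ("10.0.0.6", 873), ("10.0.0.6", 2049),                 # busy backup server
    ("10.0.0.7", 21), ("10.0.0.7", 22), ("10.0.0.7", 23),
    ("10.0.0.7", 25), ("10.0.0.7", 80), ("10.0.0.7", 110), # noisy port scan
    ("10.0.0.8", 23),                                      # admin on a legacy device
    ("10.0.0.9", 3389), ("10.0.0.9", 8080), ("10.0.0.9", 8443),  # slow port scan
]
# Ground truth for the constructed sample: the sources that really are scanning.
MALICIOUS = {"10.0.0.7", "10.0.0.9"}
# Hypothetical signature: any connection to the Telnet port is unacceptable.
SIGNATURE_PORTS = {23}


def signature_alerts(events):
    """Signature-based: match each event against a predefined rule."""
    return {src for src, port in events if port in SIGNATURE_PORTS}


def anomaly_alerts(events, baseline_max_ports=3):
    """Anomaly-based: alert when a source touches more distinct ports
    than the baseline says is expected."""
    ports = defaultdict(set)
    for src, port in events:
        ports[src].add(port)
    return {src for src, seen in ports.items() if len(seen) > baseline_max_ports}


def score(alerts, malicious=MALICIOUS):
    """Return (false positives, false negatives) as sorted lists of sources."""
    return sorted(alerts - malicious), sorted(malicious - alerts)


if __name__ == "__main__":
    print("signature        ", score(signature_alerts(EVENTS)))
    for limit in (2, 3, 5):
        print("anomaly, limit", limit, score(anomaly_alerts(EVENTS, limit)))
```

Lowering the baseline limit catches the slow scan but keeps flagging the backup server; raising it silences the backup server and misses the slow scan again.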