Time
33 hours 23 minutes
Difficulty
Beginner
CEU/CPE
33

Video Transcription

00:00
Hello and welcome back to Cybrary's 2019 CompTIA Security+ Certification Preparation course.
00:08
We're going to continue our discussion of Module 2,
00:12
and the topic of discussion is Domain 2, technology and tools.
00:16
Here again is the objective which encompasses this particular domain, one of the many objectives, and it's 2.1:
00:23
installing and configuring network components, both hardware- and software-based, to support organizational security.
00:31
The first item on the agenda is a pre-assessment quiz.
00:34
You need to determine whether or not the statement I'm going to read is either true
00:38
or false. So without further ado: a network intrusion detection system, or NIDS, is
00:45
a system that attempts to detect hacking activity,
00:48
denial of service attacks or port scans on a computer network or computer itself. Is that true or false?
00:56
If you selected true, you're absolutely correct.
00:59
Here again is the objective which encompasses this particular domain, one of many objectives,
01:03
and here again are the key topics we're going to discuss during this particular video,
01:08
ranging from network intrusion detection systems to network intrusion prevention systems. We take a look at signature-based, all the way down to false versus a
01:19
false negative, false positives as well.
01:23
So when we look at a network intrusion detection system,
01:26
basically is a type of IDS that attempts to detect malicious network activities, such as port scans or DoS attacks, by constantly monitoring your network traffic.
01:38
The network intrusion detection system will then report any issues that it finds to the network administrator, as long as it's configured properly. The key thing I want to mention here is "as long as it's configured properly." These particular devices do not come out of the box preconfigured; you as an administrator have to set them up.
01:53
You set what we call your initial baseline security.
01:57
And obviously, as the threats become much more sophisticated, you may need to go back in and tweak those initial baseline settings that you set up on that particular, again, that network intrusion detection system.
02:10
A network intrusion detection prevention system, or intrusion prevention system, is designed to inspect the traffic, and based on its configuration or security policy, it can remove, detain or redirect malicious traffic in addition to simply detecting it.
02:27
So, in other words,
02:28
the intrusion detection, all it does is detect. It detects potential malicious activity
02:35
and then what it does, it notifies you as administrator.
02:38
On the other hand, if you set up and configure a network intrusion prevention system, you can have it set up so that when it detects some type of malicious traffic, it can literally shut down that port. And once it's shut down that particular port, what happens is the attack no longer continues to occur.
02:53
Now we look at intrusion detection systems and intrusion prevention systems. Two other security techniques developed to secure networks are intrusion detection systems and prevention systems. An IDS solution is designed to detect unauthorized use, activity, attacks
03:07
and network, um, compromise.
03:10
Additionally, the intrusion prevention system is very similar to an IDS, as I mentioned in the previous slide, except that in addition to detecting and alerting you, the IPS can take action to prevent a breach from actually occurring.
03:24
Your network intrusion detection system is used to monitor networks to protect the confidentiality, integrity and availability of the network. Again, we look at a network intrusion prevention system. A network intrusion detection system is a system that attempts to detect hacking activity, denial of service attacks or port scans on a computer network or a computer itself.
03:44
Let's take a look at some key concepts in regards to network intrusion prevention systems as well as network intrusion detection systems. Let's first of all begin by taking a look at the term called signature-based.
03:54
In this case, that uses a predefined set of rules to identify unacceptable events.
04:00
Anomaly: it uses defined expected patterns to events.
04:06
Heuristic/behavior: the rules identify how an entity acts in a specific environment.
04:13
Inline versus passive: when you look at it, the inline sensor is inserted into the network segment so that the traffic that it is monitoring must pass through that sensor. A passive sensor, in other words, monitors a copy of the network traffic. The actual traffic does not pass through that particular, what we call a passive device.
04:33
Then we have in-band versus
04:35
out-of-band. And in-band management involves managing your devices through the common protocols such as Telnet or SSH, using the network itself as a media.
04:46
The typical out-of-band solution is to have the access server that is connected to the management port of each controlled device.
04:58
Rules are used to determine whether traffic is malicious or should be allowed, and whether it generates an alert.
05:04
Analytics: basically, it's a scientific process of discovering and communicating the meaningful patterns which could be found in data. It's concerned with turning raw data into, obviously, great management information, in other words.
05:20
False positive: something that is identified by a scanner or other assessment tool as being a vulnerability, in other words, when in fact it's not.
05:30
Hence the term false positive.
05:31
False negative: something that is identified by a scanner or other assessment tool as not being a vulnerability when in fact it is.
05:40
This brings us to our post-assessment question. Again, here's another statement; you need to determine whether or not this statement is true or false.
05:47
So without further ado: an intrusion prevention system is very similar to an IDS, except that in addition to detecting and alerting, the intrusion prevention system can also take action to prevent
06:00
the breach from occurring.
06:04
If you said true, you're absolutely correct.
06:08
Let's now turn our attention toward some key takeaways from this particular video.
06:12
We learned that a network intrusion detection system is a type of IDS that attempts to detect malicious network activities, such as port scans and DoS attacks, by constantly monitoring your network traffic.
06:25
A network intrusion detection system, prevention system in other words, is a system used to monitor networks to protect the confidentiality, integrity and availability of the network.
06:36
Your network intrusion detection system is the system that attempts to detect hacking activities, denial of service attacks or port scans on a computer network
06:45
or computer itself.
06:46
In the upcoming video, we continue on with our discussion of 2.2: given a scenario, use appropriate tools, in other words software tools, to assess the security posture of an organization.
06:59
I look forward to seeing you in the very next video.


Instructed By

Jim Hollis
Independent Contractor
Instructor