Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
This lesson covers intrusion detection systems. This is software that is used to monitor a network segment or an individual computer. Detection systems are used to detect attacks and other malicious activity. They are dynamic in nature and there are two types: network and host based (TCP wrappers). Intrusion detection systems consist of the following: - Sensors - Analysis engine - Management console An intrusion detection systems works via pattern matching and profile comparison. If a threat is detected, the intrusion detection system responds in a passive or active way. The drawbacks of these systems is they might not be able to process all packets on large networks and there can be a lot of false alarms.