Discuss the process of IDPS signature evaluation.
What will be an ideal response?
The goal of monitoring and evaluating network traffic is not to produce a large quantity of data to analyze. Instead, you want to gather evidence that indicates whether your IDPS signatures are working well or need to be updated. A variety of IDPS vendors are available, each with its own set of signatures for suspicious events, which raises the question of how to evaluate the signatures for each one. Various attempts have been made to standardize the evaluation and comparison of signature sets, but none have been adopted widely enough to be effective.
Therefore, the process of updating IDPS signatures varies depending on the vendor. Check the vendor's Web site for complete instructions, and visit it often to download new signatures.