What are the disadvantages of using a WIDS?
What will be an ideal response?
Although WIDS were highly intelligent devices, they had significant disadvantages:
* Only issue alert-Because a WIDS only identifies that an attack has started, it does nothing to prevent the attack from occurring.That would be left up to the system administrator after receiving the WIDS notification.
* Alert after attack started-A WIDS only knows that an attack has started after the attack has commenced. By then damage may have already occurred.
* Dependent upon signatures-A signature detection WIDS relies entirely upon the database of known attack signatures in order to recognize an attack. If a new attack is launched for which this is no attack signature or if the database is not constantly updated, a signature detection WIDS provides no protection.
* High number of false positives-Because of the analytic nature of anomaly detection WIDS, a large number of attack alerts are issued that turn out to be false positives.This creates a tremendous burden on security administrators, especially for WLANs.
You might also like to view...
TCP is
a. a Layer 2 protocol b. a Layer 3 protocol c. a Layer 4 protocol d. a Layer 5 protocol
What type of multiplexing does ADSL use?
What will be an ideal response?
This enables local authentication based on the router’s local user data-base, enable, line passwords, as well as other access protocol types.
What will be an ideal response?
Which file is created when you select Enable Boot Logging from the Advanced Boot Options menu and restart your system?
a. bootlog.txt b. event.log c. ntbtlog.txt d. BCD Store