What is the difference between an Intrusion Detection System and an Intrusion Protection System?

What will be an ideal response?


ANSWER: An IDS (intrusion detection system) is a stand-alone device, an application, or a built-in feature running on a workstation, server, switch, router, or firewall. It monitors network traffic, generating alerts about suspicious activity. Whereas a router's ACL or a firewall acts like a bouncer at a private club who checks everyone's ID and ensures that only club members enter through the door, an IDS is generally installed to provide security monitoring inside the network, similar to security personnel sitting in a private room monitoring closed-circuit cameras in the club and alerting other security personnel when they see suspicious activity. Although an IDS can only detect and log suspicious activity, an IPS (intrusion prevention system) stands in-line between the attacker and the targeted network or host, and can prevent traffic from reaching that network or host. If an IDS is similar to security personnel using closed-circuit cameras to monitor a private club, an IPS would be similar to security personnel walking around in the club available to escort unruly patrons to the exit door. IPSes were originally designed as a more comprehensive traffic analysis and protection tool than firewalls.

Computer Science & Information Technology

You might also like to view...

Answer the following statements true (T) or false (F)

1. The tail command is used to display the last 10 lines of the specified file.
2. The command tail +20 xyz displays the first 20 lines of the file xyz.
3. The command wc -l filename displays the number of lines in the filename.
4. The command cat Xfile creates the Xfile and accepts input to file from the keyboard.
5. The command cat > Xfile displays the content of the Xfile.

________ provides the ability to work directly and collaboratively on Excel workbooks stored in OneDrive for Business or SharePoint sites.

Fill in the blank(s) with correct word

List and briefly explain the use of the Refine Mask options.

What will be an ideal response?

How does a switch "learn" MAC addresses?

A. All the MAC addresses must be entered manually.
B. The switch comes loaded with the most frequently used addresses.
C. It reads the source address and keeps a record of which port the sending computer is on.
D. The switch uses a mathematical formula to determine what the MAC address would be for each computer connected to it.
