Network Authentication Chapter 5
The flashcards below were created by user
on FreezingBlue Flashcards.
Intrusion Detection System (IDS)
An IDS monitors traffic offline and generates an alert (log) when it detects malicious traffic
What types of malicious traffic does IDS detect?
- Denial of Service attacks
Signature attributes (3)
- Signature Type
- Trigger (Alarm)
Signature Micro-Engines (5)
Four types of signature triggers
- Honey pot-based detection
- True Positive
- True Negative
- False Positive
- False Negative
Tuning IPS Signature Alarms (4)
Cisco device management software (3)
- Router and Security Device Manager
- IPS Manager Express (IME)
- Security Manager (CSM)
Actions performed when a signature is detected. (6)
- Generate an alert
- Log the activity
- Drop or prevent the activity
- Reset a TCP connection
- Block future activity
- Allow the activity
Generated every time a signature triggers.
A single alert that indicates multiple occurrences of the same signature from the same source address or port.
To implement IOS IPS:
- Step 1. Download the IOS IPS files.
- Step 2. Create an IOS IPS configuration directory in flash.
- Step 3. Configure an IOS IPS crypto key.
- Step 4. Enable IOS IPS.
- Step 5. Load the IOS IPS signature package to the router.