1. a) as Encryption conceals of network messages, the ability of intrusion detec

Question

1.

a) as Encryption conceals of network messages, the ability of intrusion detection systems to read these packets decreases. some have speculated that all intrusion detection will become host-based once all network packets have been encrypted. do you agree? justify your answer. if you agree, explain why no information of value can be gleaned from the network; if you disagree, describe the information of interest.

b) One form of IDS starts operation by generating an alert for every action. over time, the administrator adjust the setting of the IDS so that common, benign activities do not generate alarms. what are the advantages and disadvantages of the design of an IDS?

Explanation / Answer

Solution:

1)

a)

Agree

why?

Suppose all the application data will be encrypted then the methods which relies on the application needs to be on the host system. which will make it a host-based intrusion detection system.

For example, signature-based systems look for a bad request in the application data. They could only see that data on the host.

b)

Advantages:

Disadvantages:

I hope this helps if you find any problem. Please comment below. Don't forget to give a thumbs up if you liked it. :)

Related Questions

Navigate

• Browse (All)
• Browse 1
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.