Intrusion Detection System (IDS) reviews logs and alerts management when the log
Question
An Intrusion Detection System (IDS) reviews logs and alerts management when the logs indicate that an incident may have occurred according to the logs that the system collects - that is, an IDS does not 'sit' in the traffic flow. An Intrusion Prevention System (IPS), on the other hand, must physically 'sit' in the flow of traffic so that it can "stop or prevent" the progress of the identified incident; an IPS is, conceptually, like a manned road-block or checkpoint - while an IDS is like a stop-light camera or monitoring device. In general then, the three effects that can be achieved using security controls are prevention, detection, and recovery. Often, for higher security systems, both an IDS and an IPS will be used to provide an element of "defense in depth." For ACME manufacturing, for one or two vulnerabilities that you (and Jack Sparks) have identified, what sort of control (detection, prevention, or recovery control) would you recommend and why? Check the link below.
Link: https://www.youtube.com/watch?v=ZfdQXPfVW4Y&feature=youtu.be
Explanation / Answer
From the video, it is clearly mentioned that the company's physical security at the first level is more vulnerable, as anyone can trespass into the IT room from
So in the first place, the company should place a higher fence at the boundary and a security gate at the main entrance, and restrict access to the IT room; in addition to that, if some guy from the IT room leaves the room for some time, then he/she should keep his/her system locked using