Question
If you have not done so, complete the weekly lab and save your screenshots in the Assignment Template (linked in Resources). Briefly describe what you learned from or observed in the lab and include it in the section with your screenshots in the Assignment Template. Be specific.
Complete the following:
Part
Imagine the Anchor Hospital IDS is sending the following alert to the administration console with unexpected frequency every two minutes:
:::: INDICATORSCAN Denial of service attempt Classification: activityPriority: TCP::
Due to the abnormally high volume and the fact that the IDS was recently reconfigured, you suspect that your IDS may be returning false alerts.
Describe investigative actions that would confirm or deny your suspicion.
Part
Imagine that you determine that the high number of alerts was not false but a denial of service (DoS) attack.
Identify two controls to mitigate the attack and explain why each is appropriate.
Part
You now recognize the importance of network monitoring and are concerned about the possibility of internal attacks as well.
Explain where you chose to place the IDS agent or agents on the network to maximize effectiveness against internal attacks.
Update your network diagram to reflect the position of each IDS agent and add it to the template.