Page 193 - DCAP516_COMPUTER_SECURITY

Computer Security




Intrusion Prevention System: It is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real time, to block or prevent those activities.
Network Intrusion Detection System: It is an independent platform that identifies intrusions by examining network traffic and monitors multiple hosts.
Network-based IPS: It is one where the IPS application/hardware runs on, and any actions taken to prevent an intrusion on a specific network host(s) are carried out from, a host with another IP address on the network (this could be on a front-end firewall appliance).
Protocol-based Intrusion Detection System: It consists of a system or agent that would typically sit at the front end of a server, monitoring and analyzing the communication protocol between a connected device (a user/PC or system) and the server.

14.9 Review Questions

1.  What are intruders, and what are their different types?
2.  Explain the need and importance of intrusion prevention system.
3.  Describe the need and importance of intrusion detection system.
4.  What is e-mail, and what is its architecture?
5.  Discuss the various security aspects relating to e-mail.
6.  Write short notes on the following:
    (a)  PGP
    (b)  PEM
    (c)  E-mail
    (d)  E-mail gateways
    (e)  RFC 822

Answers: Self Assessment

1.  Rate-based IPS (RBIPS)            2.   protocol analyzer
3.  Host-based IPS (HIPS)             4.   Unified Threat Management (UTM)
5.  Misfeasor                         6.   Clandestine
7.  True                              8.   False
9.  False                             10.  True
11. True

14.10 Further Readings

Books

Managing Enterprise Information Integrity: Security, Control and Audit Issues, IT Governance Institute.
Risks of Customer Relationship Management: A Security, Control, and Audit Approach, PricewaterhouseCoopers LLP.
Security, Audit & Control Features PeopleSoft: A Technical and Risk Management Reference Guide, 2nd Edition, Deloitte Touche Tohmatsu Research Team, ISACA.
William Stallings, Computer Security: Principles and Practice, Prentice Hall, 2008.


          186                               LOVELY PROFESSIONAL UNIVERSITY