Page 75 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY

Unit 5: Physical Security




              In a Network-based Intrusion-detection System (NIDS), the sensors are located at choke
               points in the network to be monitored, often in the Demilitarized Zone (DMZ) or at network
               borders.
              A Protocol-based Intrusion Detection System (PIDS) consists of a system or agent that
               would typically sit at the front end of a server, monitoring and analyzing the
               communication protocol between a connected device and the server.

          5.10 Keywords

          Application Protocol-based Intrusion Detection System: It consists of a system or agent that
          would typically sit within a group of servers, monitoring and analyzing the communication on
          application specific protocols.

          Computer Terrorism: It is the act of destroying or corrupting computer systems with the aim
          of destabilizing a country or applying pressure on a government.

          Disaster: It is defined as a sudden misfortune that is ruinous to an undertaking.

          Host-based Intrusion Detection System: It consists of an agent on a host which identifies intrusions
          by analyzing system calls, application logs, file-system modifications (binaries, password files,
          capability/ACL databases) and other host activities and state.

          Hybrid Intrusion Detection System: It combines two or more approaches; for example, host agent
          data is combined with network information to form a comprehensive view of the network.

          Intrusion Detection System: It gathers and analyzes information from various areas within a
          computer or a network to identify possible security breaches, which include both intrusions and
          misuse.

          Intrusion Prevention System: It is a network security device that monitors network and/or
          system activities for malicious or unwanted behavior and can react, in real-time, to block or
          prevent those activities.

          Network Intrusion Detection System: It is an independent platform which identifies intrusions
          by examining network traffic and monitors multiple hosts.

          Protocol-based Intrusion Detection System: It consists of a system or agent that would typically
          sit at the front end of a server, monitoring and analyzing the communication protocol between
          a connected device (a user/PC or system) and the server.

          5.11 Review Questions

          1.   What is physical security? Discuss the elements that should be considered for physical
               security.
          2.   Explain the various physical threats to the information system.
          3.   Discuss the concept of natural disasters.
          4.   Explain the techniques used for controlling physical access.
          5.   What are the various types of intrusion-detection systems?
          6.   Why is an intrusion detection system important?
          7.   Write a short note on the application protocol-based intrusion detection system.
          8.   Describe the host-based intrusion detection system.





                                           LOVELY PROFESSIONAL UNIVERSITY