1. The technology used to detect anomalies is known
as IDS .
Explanation: Intrusion Detection
is a quickly evolving domain of expertise. In the past year we have
seen giant steps forward in this area. We are now seeing IDS engines
that will detect anomalies, and that have some built-in intelligence.
It is no longer a simple game of matching signatures in your network
2. IDSs verify, itemize, and characterize
threats from outside and inside
Explanation: IDSs verify,
itemize, and characterize the threat from both outside and inside your
organization's network, assisting you in making sound decisions regarding
your allocation of computer security resources. Using IDSs in this manner
is important, as many people mistakenly deny that anyone (outsider or
insider) would be interested in breaking into their networks. Furthermore,
the information that IDSs give you regarding the source and nature of
attacks allows you to make decisions regarding security strategy driven
by demonstrated need, not guesswork or folklore. While an IDS can be
deployed in one's DMZ to look only for Internet or outside network intrusions,
it can also be used internal to a network as well.
3. A drawback of Network-based IDSs
is they cannot analyze encryped
IDSs cannot analyze encrypted information. This problem is increasing
as more organizations (and attackers) use virtual private networks.
Most network-based IDSs cannot tell whether or not an attack was successful;
they can only discern that an attack was initiated. This means that
after a network-based IDS detects an attack, administrators must manually
investigate each attacked host to determine whether it was indeed penetrated.
4. An extranet can be viewed as
part of a company's intranet that is extended to users outside
the company .
Explanation: An extranet is
a private network that uses the Internet protocol and the public telecommunication
system to securely share part of a business's information or operations
with suppliers, vendors, partners, customers, or other businesses. An
extranet can be viewed as part of a company's intranet that is extended
to users outside the company. It has also been described as a "state
of mind" in which the Internet is perceived as a way to do business
with other companies as well as to sell products to customers. The same
benefits that HTML, Hypertext Transfer Protocol (HTTP), Simple Mail
Transfer Protocol (SMTP), and other Internet technologies have brought
to the Internet and to corporate intranets now seem designed to accelerate
business between businesses.
Typically the portion of a company's
network inside the company is referred to as its intranet. Generally
extranet users do not have administrator or root privileges.
5. An intranet
is a network that is mostly contained within a company.
Explanation: An intranet is
a private network that is contained within an enterprise. It may consist
of many interlinked local area networks and also use leased lines in
the wide area network. Typically, an intranet includes connections through
one or more gateway computers to the outside Internet. The main purpose
of an intranet is to share company information and computing resources
among employees. An intranet can also be used to facilitate working
in groups and for teleconferences.