IDS and Security Objectives—Critical Thinking Questions

IDS Analysis Paper

Overview

Intrusion detection system (IDS) technologies are implemented in many different forms. Staying current with industry literature that discusses strategies for mitigating and remediating different malware will increase your knowledge of what steps to take to help prevent succumbing to an attack. As cybersecurity is a field that can change on a daily basis, you will not stop learning and growing even after you complete your degree program. Evolving with the field and staying current is a critical aspect of being successful and excelling in this field.

It is important to recognize that an IDS is not a one-size-fits-all tool. An IDS can be configured in three different ways: it can test for anomalies, be heuristic-based, or be a hybrid of the two. Configuring the IDS to meet specific business needs will reduce the amount of time an analyst needs to explore log files and other information generated by the IDS. The analyst should be left to handle the alerts generated by the properly configured system.

When putting any controls in place to protect a system, you must always keep confidentiality, integrity, and availability in mind and use a proactive mindset to develop the best protection for the system. It is important to examine possible indicators of an attack and how other aspects of a system can be affected. Malware is a great example of an attack that affects all tenets of the CIA triad.

For this project, you will create an IDS Analysis Paper that examines the interaction between the security objectives of the CIA triad and the configuration of an IDS, and that applies IDSes practically in a scenario of your choosing.

The project incorporates one stepping stone, which will be submitted in Module Four. The project will be submitted in Module Six.

In this assignment, you will demonstrate your mastery of the following competency:

Implement an intrusion detection system (IDS)

Prompt

You must address the critical elements listed below. The codes shown in brackets indicate the competency to which each critical element is aligned.

IDS and Security Objectives—Critical Thinking Questions

What component of an IDS is best prepared to help with the loss of confidentiality?

What are the indicators of malware that could be detected by an IDS that may result in the loss of integrity?

How can an IDS be used to detect the loss of availability?

Configuring an IDS—Scenario Based Questions

Create a brief fictitious scenario of a company that resides within two buildings. Include a short profile of its data assets, its industry, and its size. For example, Southern New Hampshire High School has an administration building and an academic building. The data assets it protects are student records and employee records. The industry is education, and there are 500 students and employees.

Identify two components that you would implement to provide the best IDS protection for your fictitious company. Justify your response.