Intrusion Detection & Response

Temple University

Deval Shah

Week 08: Question

by

Incident Response and Intrusion management has a lot to do with Information.  As far as cyber security is concerned its about LOGS.

What strategy would utilize in terms Logs.  Log Everything, Selectively Log, or something else.  Please provide your views on this important topic!

Notification on date change

by

Term Paper: Changed from 7/10 -> 7/17

Quiz 2 – Change from 7/17 -> 7/23

Short Paper 3 will change from 7/23 -> 7/30

Presentation will remain.

Week 6: Question

by

Modern day networks are no longer static, they are continuously morphing with a mobile workforce and presence of data everywhere. How can organizations monitor the environment for onslaught of threats and endless attack vectors.  Provide some comments and insights on where you would start with your IDS implementation strategy?

Week 4: Question

by

When it comes to IDS, there are various things to consider:  Host – IDS (HIDS) vs Network IDS (NIDS).  There is also Signature Based vs Anomaly Based.  And finally IDS vs IPS.  How does one figure out figure out what to use and when?  Provide your views on the various IDS techniques and what is the best approach to working through them?

Week 3: Question

by

Since Packet capture is an integral part of Intrusion Management strategy, the question remains, what factors influence an organizations Packet Capture strategy?  Please provide some insight into some of these factors and why they are or are not relevant?

Week 03: No class on Monday

by

Please note that there is no class on Monday(5/29/2017) due to Memorial day.  But we will host the class on Wednesday(5/31/2017) from 5:30 PM to 8 PM.  Also do not forget to submit your short paper assignment.
Have a nice weekend​.

Week 2: Question

by

What are the similarities and differences from the following groups (Help Desk, SOC, CERT, CIRT, etc) within an enterprise?