

The paper must address all of the following areas:
What is intrusion detection?
What is intrusion prevention?
What is an IDS, and how is it of importance or relevance to organizations?
What is a Network IDS or NIDS?
What is a Host IDS or HIDS?
Explain the two detection philosophies (Signature and Anomaly) and when it is appropriate to use them.
From the perspective of IDSs, explain what Signatures, Alerts, Logs, False Alarms, and Sensors are.
Briefly describe some open-source IDS solutions (e.g., Snort, Bro) available to network administrators. Compare and contrast the selected solutions (benefits, pros, cons).
Where should IDSs be placed in a network topology, and why? You may use some graphics to describe this information.
What are some challenges of implementing IDS/IPS systems in an organization? (Consider technical difficulties, cost-benefit analysis, and selling the idea to executives within the organization.)

