The role of IDS / IPS

Explicate the main efforts that would be included in the incident response efforts.

Discuss in detail the role that an IDS / IPS would play in the IR efforts.

Explain how these systems can assist in the event notification, determination, and escalation processes.

Explain how the NIST SP800-61 could assist the personnel in classifying incidents so each is identified appropriately and the proper incident-handling procedures are taken.

Explain how the use of log management systems could be a legitimate and useful component of the IR effort,.

Describe the potential issues that could arise if not utilize

Leave a reply