Assignment
In a meeting with the CEO and CTO of an IDS company you have been asked to represent the corporate investigative and incident response team concerning the benefits of using advanced tools, such as IDS/IPS, and forensics tools to be alerted of suspicious network activity and to securely investigate/analyze and audit many machines simultaneously over the LAN/WAN at the disk and memory level. They do not understand the concept of auditing over the network, its security benefit to the organization, and the outcomes. In addition, they would like to you to discuss in the meeting if the use of WinDump, Snort and TCPdump tools will provide the corporate security team with needed insight into the network traffic.
The report should include the following:
• A title page
• An MS Word document containing the following:
o A title page with the names of the participating members
o An Introduction (Abstract optional) detailing the major points of the discussion and major points
o the benefits to the incident response team concerning the use of IDS/IPS
o how typical system auditing is done across corporate networks and its benefits
o how the use of WinDump, Snort and TCP dump tools will provide the corporate security team with needed insight into the network traffic
o the use of APA in the main body of the paper to support all technical assertions (e.g., Mahaney, 2010)
o a reference list in APA format
The report should be a minimum of 5-8 pages in length (excluding the title page) and neatly formatted. Sources should be properly cited in APA style. All major bullets should be expanded in the speaker notes of the document. References should be placed in APA in the reference list.