1.) There are two basic ways to tell if a network or system is under attack. These are with intrusion-detection systems (IDSs) and intrusion-protection systems (IPSs). Discuss how each of these approaches is different. Do not forget to include how network-based and hosted-based systems come into play.
You work for a small bank that has only 11 branches, and you must design a system that gives notice of a possible attack. Discuss what tools can be used, how they can be implemented to protect the bank, and how they can notify the appropriate people when the network comes under attack.
2.) Testing for an unknown is a virtually impossible task. What makes it possible at all is the concept of testing for categories of previously determined errors. The different categories of errors are
- buffer overflows (most common);
- code injections;
- privilege errors; and
- cryptographic failures.
Please evaluate the software engineering, secure-code techniques, and the most important rule that relates to defending against a denial-of-service attack. Here are two types of error categories: the failure to include desired functionality and the inclusion of undesired behavior in the code. Testing for the first type of error is relatively easy.