CompTIA Security+ Study Guide
(SY0-501)
Chapter 3:
Understanding Devices and Infrastructure
Chapter 3: Understanding Devices
and Infrastructure
• Install and configure network components, both
hardware- and software-based to support
organizational security
Designing with Security in Mind
• Firewalls
• VPNs and VPN concentrators
• Intrusion detection systems
Intrusion Detection Systems
• An intrusion detection system (IDS) is software that
runs on either individual workstations or network
devices to monitor and track network activity.
• Intrusion detection systems (IDSs) are becoming
integral parts of network monitoring.
• Intrusion detection (ID) is the process of monitoring
events in a system or network to determine
whether an intrusion is occurring.
• An intrusion is defined as any activity or action that
attempts to undermine or compromise the
confidentiality, integrity, or availability of resources.
Chapter 3: Protecting Networks
• IDSs use four primary approaches:
– Behavior-based detection
– Signature-based detection, also commonly
known as misuse-detection IDS (MD-IDS)
– Anomaly-detection IDS
– Heuristic IDS
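Added example (not part of the original slides): a minimal Python sketch contrasting signature-based and anomaly-based detection on the same events. The signature patterns, the threshold rule, the function names, and the sample events are all assumptions constructed for illustration.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Hypothetical signatures (name -> pattern of known-bad request content).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-union-select": re.compile(r"(?i)union\s+select"),
}

def signature_alerts(events):
    """Signature (misuse) detection: match each request against known patterns."""
    return [(minute, src, name)
            for minute, src, request in events
            for name, pattern in SIGNATURES.items()
            if pattern.search(request)]

def rate_per_source(events):
    """Count requests per (minute, source), the behaviour being profiled."""
    return Counter((minute, src) for minute, src, _ in events)

def learn_baseline(events):
    """Anomaly detection, step 1: learn what a normal request rate looks like."""
    rates = list(rate_per_source(events).values())
    return mean(rates), pstdev(rates)

def anomaly_alerts(events, baseline, k=3.0):
    """Anomaly detection, step 2: flag rates above mean + k * stdev."""
    mu, sigma = baseline
    # Floor sigma at 1.0 so a very flat baseline does not alert on tiny jitter.
    threshold = mu + k * max(sigma, 1.0)
    return sorted((minute, src, n)
                  for (minute, src), n in rate_per_source(events).items()
                  if n > threshold)

# Constructed sample events (minute, source IP, request line); not real traffic.
TRAINING = [(m, ip, "GET /index.html")
            for m in range(5) for ip in ("10.0.0.5", "10.0.0.6")
            for _ in range(2 + m % 2)]
LIVE = ([(10, "10.0.0.5", "GET /index.html")] * 3
        + [(10, "10.0.0.6", "GET /download?file=../../etc/passwd")]
        + [(11, "10.0.0.9", "GET /login")] * 40)

if __name__ == "__main__":
    print("signature:", signature_alerts(LIVE))
    print("anomaly:  ", anomaly_alerts(LIVE, learn_baseline(TRAINING)))
```

On this sample the signature engine reports only the single traversal request and misses the 40-request burst, while the anomaly engine reports only the burst, which is why deployments commonly combine both approaches.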
Network-Based IDS
Using a Hub to Attach NIDS to
the Network
Implementing a Passive
Response
Passive response: The most common type of
response to many intrusions. In general,
passive responses are the easiest to develop
and implement.
Some passive response strategies:
• Logging
• Notification
• Shunning
Implementing an Active
Response
• Active response
– Involves taking an action based on an attack
or threat
• An active response will include one of
these reactions:
– Terminating processes or sessions
– Network configuration changes
– Deception
Host-Based IDS
• A host-based IDS (HIDS) is designed to
run as software on a host computer
system.
• HIDSs are popular on servers that use
encrypted channels or channels to other
servers.
Chapter 3: Protecting Networks
• Network Intrusion Prevention Systems
(NIPSs) focus on prevention. These systems
focus on signature matches and then take a
course of action.
Security-Related Devices
• Router
• Switch
• Proxy
• Load balancer
• Access point
• SIEM
• DLP
• NAC
• Mail gateway
• Bridge
• SSL/TLS accelerators
• SSL decryptors
• Media gateway
