Security Policy Document

Security Policy Document

Intrusion detection system (IDS)

An intrusion detection system (IDS) refers to a software application or device which is used to monitor system or network activities for policy violations or malicious activities and develops reports to a management station. The main focus of intrusion detection system (IDS) is to identify reporting attempts, relevant logging information and other possible incidents. Furthermore, it is highly implemented in organizations for other multiple purposes like determining concerns with security policies, current threats to documenting and preventing in criminals from violating securing policies. Almost in every organization, it has turned out to be a necessary element in the security infrastructure. Information relevant to observed events is recorded in IDS and then reports are produced. Theses often respond to a detected threat and attempts to prevent it from damaging data. This device is also very helpful in detecting and stopping the attack itself as it has the ability to alter the security environment itself or making changes in the attack's content (Morel, Benoit, Linkov, and Igor, 2006).

An intrusion detection system (IDS) is a significant tool used to search for the major design systems that are secure and find out the ways to measure risk and the ways to guarantee the maintenance proper levels of privacy specifically for individual technology users, government, businesses, and also for various other organizations. Once an organization assessed their business on the basis of these factors, IDS can be used as a helpful tool for calculating the importance of each risk as well as the probability of the risk that occurs actually (Biringer, Betty and Rudolph, 2007).

Vulnerabilities to the System

Reconnaissance in the Contest of Computer Security

The term reconnaissance is actually comes from its military use, where it is referred to a mission into enemy territory for acquiring data and information. In the context of computer security, the term reconnaissance is considered as an initial step for preventing further attacks that are directed to damage the targeted system. Port scanning, is often used by the attacker for instance in order to discover any risky ports. A hacker mostly damages the vulnerabilities of services and systems that are linked with open ports and were detected after an attack (Lam, LeBlanc and Smith, 2009).

Active reconnaissance is considered as a category of computer attack which involves an intruder with the system that is targeted for collecting data and information related to the vulnerabilities. It is somehow confusing that both the passive and active reconnaissance are actually based on the passive attacks as a they are aimed to find out the information only instead of actively targeting the systems and damaging them with rapid attacks as done by active. Passive and active reconnaissance are utilized for the purpose of which is comprised of attack methods for determining the vulnerabilities of the system. In this way al the related concerns are focused before the attack by any virus or hacker and this protects the system's data and information

Active reconnaissance Data Collection Technique-Active reconnaissance refers ...