What IDS guidelines should be allowed according to SAFE SMR?

You are the security administrator at Certkiller Inc. and you are working on installing IDS in the network. What IDS guidelines should be allowed according to SAFE SMR?

You are the security administrator at Certkiller Inc. and you are working on installing IDS in the network. What IDS guidelines should be allowed according to SAFE SMR?

A.
An IDS guideline is to use TCP shunning as opposed to TCP resets.

B.
An IDS guideline is to use shunning no longer than 15 minutes.

C.
An IDS guideline is to use shunning on only TCP traffic, as it is more difficult to spoof than UDP.

D.
An IDS guideline is to use shunning on only UDP traffic, as it is more difficult to spoof than TCP.

Explanation:

To mitigate the risks of shunning, you should generally use it only on TCP traffic, which is much more difficult to successfully spoof than UDP.
Reference: Safe white papers; 8
SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks



Leave a Reply 0

Your email address will not be published. Required fields are marked *