Provide (2) 200-word substantive responses with a minimum of 1 APA reference for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the responses, below is the discussion post that discusses the responses. 100% original work and not plagiarized. Must meet deadline.
1. The Information Security Automation Program (ISAP) allows for the automation of information security by creating components that are made by integrating systems that are meant for standalone use together into one. This essentially allows for them to cover each other's bases by performing their primary functions in tandem with each other. Two of the strengths that come with this are security scan results that provide an in-depth view of security risks, making it easier to find and correct security downfalls, and users will be able to create their own set of security tests and run them with the provided tools, allowing for reduced maintenance time on the security system.
2. Intrusion Detection Systems (IDS) generally work in tandem with firewalls, constantly watching and logging network traffic and reporting any abnormalities while the Intrusion Prevention System (IPS) denies access to those abnormalities. With these two working in your security system, you will essentially be able to have your network available to its users with less downtime to deal with intrusions.
3. If properly configured, IDS and IDP can work together to locate and identify an intrusion as well as prevent it without needing any user assistance. The logs provided could be used to look into reoccurring abnormalities and prevent them from further attempts of intrusion. Attempts at intrusion are inevitable on any network but even more so when inept users are added to the equation. Having these two along with other automated systems will prevent this vulnerability from becoming an issue.
1. Briefly list and explain two strengths of one of the technologies discussed in “The Second Wave” reading:
One strength or advantage is that many vendors have developed plug-ins to their products that make them SCAP-compatible. This is the only common language in the industry, which is important if organizations are planning to purchase new testing or reporting applications. Another component or strength of SCAP benchmarks, audit tests and system evaluations.
2. Explain how a properly configured IDS/IPS system can feed into your overall security plans.
An intrusion prevention system (IPS) usually sits directly behind the firewall, adding another layer of analysis that removes dangerous contents from the data flow. The intrusion prevention systems continuously monitor your network, looking for possible malicious incidents and capturing information about them. That way the administrator can decide what to do with the threat alert or can simply set an automated action to different threats.
3. Explain how the use of an IDS/IPS system can fit into the security automation process:
Where IDS informs of a potential attack, an IPS makes attempts to stop it. Another huge leap over IDS is that IPS has the capability of being able to prevent not only known intrusion signatures but also some unknown attacks due to its database of generic attack behaviors. Thought of as a combination of IDS and an application layer firewall for protection, IPS is generally considered to be the “next generation” of IDS.
Ramirez, D. (n.d.). JOnline: Information Security Automation: The Second Wave. Retrieved from ISACA.org: https://web.archive.org/web/20160921213850/http://www.isaca.org/Journal/archives/2010/Volume-6/Pages/Information-Security-Automation-The-Second-Wave.aspx