Complete the real-world exercises at the end of the chapter. Write your answers in complete sentences and use APA formatting rules. Each answer should be a minimum of 1 paragraph (3 or more sentences).
End of chapter 5 Real world exercises (page 218)
End of chapter 6 Real world exercises (page 257)
1. Using a Web browser, look for the open source and freeware intrusion
detection tools listed in the chapter. Next, identify two to three commercial
equivalents. What would the estimated cost savings be for an organization to
use the open source or freeware versions? What other expenses would the
organization need to incur to implement this solution?
2. Using a Web browser, search on the term intrusion prevention systems. What are the
characteristics of an IPS? Compare the costs of a typical IPS to an IDPS. Do they differ?
What characteristics justify the difference in cost, if any?
3. Using a Web browser, visit the site www.honeynet.org. What is this Web site, and what
does it offer the information security professional? Visit the “Know your Enemy” whitepaper
series and select a paper based on the recommendation of your professor. Read it
and prepare a short overview for your class.
1. Using a Web browser, search for “incident response training.” Look through
the first five results and identify one or two companies that offer such training.
Pick one company and look at the course offerings. Locate a course that can
train you to create a CSIRT. How many days will that course take?
2. Using a Web browser, search for “incident response template.” Look through the first
five results and choose one for further investigation. Take a look at it and determine if
you think it would be useful to an organization creating a CSIRT. Why or why not?
3. Visit the Web site at www.first.org/global/practices. Look for information about best
practices contests. When was the last one held and in which city? What value would
such a contest have for individuals interested in incident response?