IDPS that compares sampled network activity to an established baseline
stateful protocol analysis (SPA) IDPS
IDPS that uses profiles to detect anomalous protocol behavior
log file monitor (LFM) IDPS
IDPS that reviews log files from servers, network devices, and other IDPSs for signatures indicating an attack or intrusion
attacker who utilizes tactics designed to trip the organization's IDPS, essentially causing the organization to conduct its own DoS attack by overreacting to an actual, but insignificant, attack.
centralized control strategy
strategy in which all IDPS control functions are implemented and managed in a central location
fully distributed control strategy
strategy in which all control functions are applied at the physical location of each IDPS component
partially distributed control strategy
strategy that combines the best of the other two strategies; while individual agents still analyze and respond to local threats, their reporting to a hierarchical central facility enables the organization to detect widespread attacks
decoy systems designed to lure potential attackers away from critical systems
collection of honey pots connecting several honey pot systems on a subnet
honey pot that has been protected so it cannot be easily compromised—in other words, a hardened honey pot
trap and trace
a combination of techniques used to detect an intrusion and then to trace it back to its source
the act of hacking into a hacker's system to find out as much as possible about the hacker
the process of attracting attention to a system by placing tantalizing information in key locations.
the action of luring an individual into committing a crime.