Thursday, July 31, 2008
Bace: Ch 2--Concepts and Definitions
No surprises here. Pretty short chapter. Starts off with an introduction to intrusion detection where the components and goals are stated. A lot of the chapter actually deals with security in general rather than intrusion detection. Formal definition of computer is given with the security triad of confidentiality, integrity and availability. Threat, vulnerability and the relationship between the two are mentioned. Security policy is covered. Other parts of security infrastructure are touched upon: access control, identification and authentication, encryption and firewalls. Intrusion detection systems are classified and the components are listed. Page 41 deals with response, and I learned a few things. I guess I should have known, but response is a lot broader than what we hear about the most, which is going on the attack. Using Bace's definition of response, all intrusion detection systems are response systems, which I guess I've kinda thought all along was correct.