Skip to main content

Full content data is information based on that network that allows analysts to derive session, alert, and statistical data (Bejtlich, 2005).

Task 1:
 Instructions: Add additional insight opinions or challenge opinions and you can visit a couple of the web sites contributed and share your opinion of these sites. Minimum of 150 words for each.
1) Full content data is information based on that network that allows analysts to derive session, alert, and statistical data (Bejtlich, 2005). It offers both granularity as well as application relevance which makes its collection meaningful (Bejtlich, 2005). To obtain full content data, there are security monitoring products at play. When discussing security monitoring products, it is important to discuss the monitoring zones. “Monitoring zones are locations where the traffic in those areas shares certain privileges, based on the level of trust afforded by a security engineer” (Bejtlich, 2005, p. 45). According to Bejtlich (2005), there are four of these zones, or considerations. They are the perimeter, the demilitarized zone, the wireless zone, and the intranet. The perimeter is where sensors are typically deployed (Bejtlich, 2005). This is due to the fact that it receives the most visibility from class 1 attackers (Bejtlich, 2005). However, it is the most untrusted zone because of the vulnerability associated with the lack of control (Bejtlich, 2005). The demilitarized zone (DMZ) is another area where sensors are frequently deployed (Bejtlich, 2005). It includes the DMZ switch and firewall (Bejtlich, 2005).The wireless zone is all machines that have wireless connectivity (Bejtlich, 2005). It includes the wireless network and wireless access point firewall (Bejtlich, 2005). The intranet is another zone where sensors can be deployed, even though the perimeter and demilitarized zone are the preferred zones (Bejtlich, 2005). Intranet sensors experience a lot of traffic (Bejtlich, 2005). This could be why the intranet is monitored by practitioners via the internal networks as well as the critical internal hosts (Bejtlich, 2005).
Reference
Bejtlich, R. (2005). Security monitoring: Beyond intrusion detection [E-Reader Version]. Retrieved from The Tao of Network Security Monitoring
2) If any business entity does not know what's happening on their networks it probably means they are always going to be way behind the curve when it comes to attacks. That is where security monitoring products having full content data comes into play which will be very beneficial to analyze when and what is happening within their network which can help to decide what to do about them. Having full content data or capturing full packets provide the most flexibility and granularity when analyzing network-centric data. Addition to collecting the full content data, it is imperative to collect the data where analyst can see the true internet destination IP address for traffic of interest, and where you can see the true internal source IP address for traffic of interest (Bejtilch, 2012). However, for some of the businesses there could become issue of disk storage when capturing full content data of the network and it can add increase the cost to the business. In addition, disk might not be able to capture full content of aggregating traffic and ensuring that all data have been captured without significant loss at line speed can be difficult. With that in mind, at the beginning it would be much easier to get started monitoring only HTTP or DNS and prioritize some of the network segments such as those with PII, those that require PCI compliance, or any other important network which is critical from business perspective. In addition, by capturing data of some of the critical piece of network netflows will indicate if there is any problem and it will come to know if additional information is needed to monitor by capturing additional data of networks.
Reference:
https://taosecurity.blogspot.com/2012/11/why-collect-full-content-data.html?m=1
Number of Pages: 1 Page
Page Line Spacing: Double spaced (Default)
Academic Level: College
Paper Format: APA
Task 2
 Instructions: Use examples from the readings, or from your own research, to support your views, as appropriate. Encouraged to conduct research and use other sources to support your answers. Be sure to list your references at the end. References must be in APA citation format. A minimum of 250-300 words.
Describe and interpret the deployment considerations involved with using network security monitoring products to obtain full content data.
Number of Pages: 1 Page
Page Line Spacing: Double spaced (Default)
Academic Level: College
Paper Format: APA
CLICK HERE TO ORDER THIS PAPER FROM OUR WRITERS………………………NO PLAGIARISM Get 100% Original papers from the writing experts 
CLICK HERE TO GET A PROFESSIONAL WRITER TO WORK ON THIS PAPER AND OTHER SIMILAR PAPERS, GET A NON PLAGIARIZED PAPER FROM OUR EXPERTS……

Comments

Popular posts from this blog

Should pit bull terriers be banned in my community

 Discussion Forum: Counterarguments (Should pit bull terriers be banned in my community) You created a question about the topic for your W6 Rough Draft. For this discussion, you will give an answer to that question in the form of a thesis statement. "Dieting Makes People Fat" Main Post: Share your thesis statement with your classmates. Please note: As with last week’s discussion, nothing here is set in stone. Be open to changing everything about your topic, including your position and audience, as you research it and get feedback from your classmates. Topic + Position/Purpose + Supporting Points =Thesis Statement Example: Suppose the question you posed in the Week 5 discussion was something like, “Should pit bull terriers be banned in my community?” After doing some preliminary research, you have concluded that pit bulls, if raised properly, are no more dangerous than other breeds of dogs. Your thesis statement can be something like, “Pitbulls should not be banned

CYBER SECURITY and how it can impact today's healthcare system and the future

 Start by reading and following these instructions: Create your Assignment submission and be sure to cite your sources, use APA style as required, and check your spelling. Assignment: Recommendations Document Due Week 6 (100 pts) Main Assignment Recommendations Document The 1250 to 1500-word deliverable for this week is an initial draft of your recommendations. Note that this is a working document and may be modified based on insights gained in module eight and your professor's feedback. This document should contain the following elements: Summary of your problem or opportunity definition A list of possible recommendation alternatives. In this section, you are not yet at the point of suggesting the best set of recommendations but you are trying to be creative and explore all the different ways that the problem or opportunity might best be addressed. The end result here will be a list of alternatives among which you will choose your final recom

Do violent video games encourage players to become violent in real life?

 Write an outline for Speech 3, the persuasive belief speech, following the outline guidelines and formatting requirements (Do violent video games encourage players to become violent in real life?).  1000-1200 WORDS https://virtualspeech.com/blog/persuasive-speech-outline-structure-delivery Topics: https://blog.prepscholar.com/good-persuasive-speech-topics Do violent video games encourage players to become violent in real life? https://www.youtube.com/watch?v=YKKWOx43pIY WE HAVE DONE THIS ASSIGNMENT BEFORE, WE CAN ALSO DO IT FOR YOU GET SOLUTION FOR THIS ASSIGNMENT,  Get Impressive Scores in Your Class CLICK HERE TO MAKE YOUR ORDER   on Do violent video games encourage players to become violent in real life? Are You looking for Assignment and Homework Writing help?  We Provide High-Quality Academic Papers at Affordable Rates. No Plagiarism. TO BE RE-WRITTEN FROM THE SCRATCH