Home > Articles > Cisco Network Technology > General Networking > Intrusion Detection: Cisco IDS Overview

Intrusion Detection: Cisco IDS Overview

Chapter Description

Cisco Secure IDS is a network-based intrusion detection system that uses a signature database to trigger intrusion alarms. The major components are a sensor platform and a director platform. The sensor platform monitors the network and the director platform provides a single GUI management interface for the end user. This chapter describes the available plaforms and explains how they interact.

This sample chapter is excerpted from Cisco Secure Intrusion Detection Systems.

Review Questions

The following questions test your retention of the material presented in this chapter. The answers to the Review Questions are in Appendix K, "Answers to Review Questions."

1. What are the two main components of the Cisco Secure IDS?

2. Is Cisco Secure IDS a network-based IDS?

3. What is intrusion detection?

4. What are the two Cisco Secure IDS Director platforms?

5. What are the features of the PostOffice protocol?

6. What is the IDS triggering mechanism used by Cisco Secure IDS?

7. How many different types of sensor platforms are supported by Cisco Secure IDS?

8. What are the two 4200 Series Sensors?

9. What are the three types of responses that a sensor can perform in reply to an attack?

10. How do Cisco Secure IDS devices communicate with each other?

11. What three identifiers are used to construct a unique addressing scheme for Cisco Secure IDS?

12. Can multiple systems share the same host ID?