WebApp Sec mailing list archives

Re: Notes from CISSP class with Dr. Eric Cole


From: Saqib Ali <docbook.xml () gmail com>
Date: Wed, 5 Oct 2005 07:52:07 -0700

Hello Garth,

While I agree with most of what you said, what I published at
< http://www.xml-dev.com/blog/?action=viewtopic&id=150 > is what is
required for CISSP certification. CISSP is a theoretical exam, and
sometimes practical knowledge can lead you to wrong answers on the
test.

On 10/4/05, Garth Somerville <therealgarth () yahoo com> wrote:
.... The notes are available at:
http://www.xml-dev.com/blog/?action=viewtopic&id=150

Hello Saqib:
Under "IDS Events Defined," you make a great
observation about IDS, but classifying all traffic as
either "Attack Traffic" or "Normal Traffic" can be
misleading as it relates to the next section, "IDS
Methods of Operation."  Not all abnormal traffic
represents an attack, and not all normal traffic
represents authorized activity.  Also, positioning
anomaly detection as being both default deny and more
secure could be misleading.

--
In Peace,
Saqib Ali
http://www.xml-dev.com/blog/
Consensus is good, but informed dictatorship is better.

