New Training: Harden Security Controls
In this 9-video skill, CBT Nuggets trainer Jacob Moran teaches you how to identify relevant data from different locales and associate it with security implications. Watch this new CompTIA training.
Watch the full course: CompTIA Cybersecurity Analyst
This training includes:
- 9 videos
- 53 minutes of training
You’ll learn these topics in this skill:
- Intro to Improving Security Configuration
- Hardening Permissions
- Creating Blacklists and Whitelists
- Hardening Firewall Configurations
- Defining Intrusion Prevention System (IPS) Rules
- Integrating Data Loss Prevention (DLP)
- Enabling Endpoint Detection and Response (EDR)
- Instituting Network Access Control (NAC)
- Creating Honeypots, Sinkholes, and Sandboxes
IDS vs IPS: What’s the Difference?
Modern IT environments employ many different technologies and strategies to harden their perimeter security posture, limiting the risk of malicious users gaining access to sensitive data. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are two very common solutions found in a majority of IT infrastructures that contribute to today’s sophisticated data security architecture.
An Intrusion Detection System, or IDS, is a network appliance that monitors traffic passed over a network with the intention of detecting malicious activity. An IDS works by creating copies of data transmitted over the network and assessing the integrity of that data. Importantly, an IDS will flag suspicious activity but does not actually remove the suspicious data that’s been identified.
In comparison, an Intrusion Prevention System, or IPS, works to mitigate malicious attacks by actually removing malicious data packets from the network once they are identified as potentially harmful. These two security measures, when used together, can greatly reduce the possibility of cyberattacks by actively monitoring and removing suspicious data packets transmitted within a network.