Scribd
Upload
19 views2 pages

AIAS1 Week10 Activity1

The document outlines an activity to build a simulated Intrusion Detection and Prevention System (IDPS) to understand its principles and explore security tools. It includes steps for creating a network environment, identifying vulnerabilities, configuring an IDPS, simulating attacks, and evaluating the IDPS's effectiveness. Additional considerations suggest exploring real-world scenarios, customizing the IDPS, and emphasizing continuous monitoring.

Uploaded by

abbyg.basa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
19 views2 pages

AIAS1 Week10 Activity1

The document outlines an activity to build a simulated Intrusion Detection and Prevention System (IDPS) to understand its principles and explore security tools. It includes steps for creating a network environment, identifying vulnerabilities, configuring an IDPS, simulating attacks, and evaluating the IDPS's effectiveness. Additional considerations suggest exploring real-world scenarios, customizing the IDPS, and emphasizing continuous monitoring.

Uploaded by

abbyg.basa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Activity 1: Building a Simulated Intrusion Detection System

Objective: To understand the basic principles of intrusion detection and prevention systems
(IDPS) and explore other security tools.

Materials:

 A computer with internet access


 A virtual machine (optional)
 A network simulator (e.g., Wireshark, GNS3)
 Basic knowledge of networking and cybersecurity

Instructions:

1. Create a Network Environment:


o Set up a virtual network environment using a network simulator.
o Create multiple devices (e.g., routers, switches, servers, workstations) to simulate
a real-world network.
2. Identify Vulnerable Points:
o Analyze the network topology and identify potential vulnerabilities.
o Consider factors like open ports, weak passwords, and outdated software.
3. Configure Intrusion Detection System:
o Choose an open-source IDPS (e.g., Snort, Suricata) and install it on a designated
server within the network.
o Configure the IDPS to monitor network traffic for suspicious activity, such as
known attack signatures and anomalies.
4. Simulate Attacks:
o Use tools like Metasploit or Nmap to launch simulated attacks on the network.
o Target vulnerable devices and attempt to exploit known vulnerabilities.
5. Observe IDPS Response:
o Monitor the IDPS logs and alerts to see how it responds to the simulated attacks.
o Analyze the detected threats and the actions taken by the IDPS.
6. Evaluate IDPS Effectiveness:
o Assess the IDPS's ability to detect and prevent the simulated attacks.
o Identify any false positives or false negatives.
o Consider the impact of the IDPS on network performance.
7. Explore Other Security Tools:
o Research and experiment with other security tools, such as firewalls, antivirus
software, and vulnerability scanners.
o Understand how these tools work in conjunction with IDPS to enhance overall
network security.

Additional Considerations:
 Real-World Scenarios: Consider simulating more complex attack scenarios, such as
distributed denial-of-service (DDoS) attacks or social engineering techniques.
 Customization: Customize the IDPS ruleset to match your network environment and
security requirements.
 Continuous Monitoring: Emphasize the importance of ongoing monitoring and
maintenance of the IDPS to ensure its effectiveness.

You might also like