- What is Intrusion Detection (The Big Picture)?
- Business Case one (Legal issue)
- Business Case two (who to protect against: internal vs. external or partners)
- Terminology (Let's all talk the same talk)
- Host based vs. network based, Operating Systems, Database systems, server systems, Incident Response, etc.
- History (Where we've been and where should we go)
- Business Case three (Homogeneous vs. Heterogeneous architecture)
- Incident Response (The reality)
- Business Case four (thought-provoking conversations with team)
- What environment do you wish to protect?
- Business Case five (various issues discussed: architectures, switching and bandwidth issues, to name but a few)
- How can we hope to protect it all?
- Business Case six (Discuss correct pilot implementations, closing the scope to make it manageable)
- Open Discussion (what needs to be discussed in follow-on meetings or further education studies)
- Types of attacks
- Active responses
- Data definitions (what needs to be protected)
- When to get outside help (notify police/FBI)
- CIRT activity (developing your own)
- To name a few