1. Explain what port Mirroring is and why it was necessary to enable this for Intrusion Detection. What component of an IDS system could have taken this step's place?
2. What is the purpose of SGUIL on the Security Onion system?
ANS :-
1. PART-1 :- Port mirroring is normally used for monitoring network traffic which is used basically on network switch to send copy of network packets seen in network switch port. It is actually observing and catching of network packets.
It is necessary to enable Port Mirroring for Intrusion Detection because Intrusion Detection is a major network trafficking which can cause loss for a company and also data breaches and can harm customer trust.
Part -2:- The component of an IDS system could have taken this steps place are :-
2. SGUIL is an implementation of Network Security monitoring system. The purpose of SGUIL on the security Onion system are :-
Get Answers For Free
Most questions answered within 1 hours.