5-1. Using a Web browser, look for the open source and freeware intrusion detection tools listed in the chapter. Next, identify two to three commercial equivalents. What would the estimated cost savings be for an organization touse the open source or freeware versions? What other expenses would the organization need to incur to implement this solution?
5-2. Using a Web browser, search on the term intrusion prevention systems. What are the characteristics of an IPS? Compare the costs of a typical IPS to an IDPS. Do they differ?What characteristics justify the difference in cost, if any?
5-3. Using a Web browser, visit the site www.honeynet.org. What is this Web site, and what does it offer the information security professional? Visit the “Know your Enemy” white-paper series and select a paper based on the recommendation of your professor. Read it and prepare a short overview for your class.
6-1. Using a Web browser, search for “incident response training.” Look through
the first five results and identify one or two companies that offer such training.
Pick one company and look at the course offerings. Locate a course that can train you to create a CSIRT. How many days will that course take?
6-2. Using a Web browser, search for “incident response template.” Look through the first
five results and choose one for further investigation. Take a look at it and determine if you think it would be useful to an organization creating a CSIRT. Why or why not?
6-3. Visit the Web site at www.first.org/global/practices. Look for information about best
practices contests. When was the last one held and in which city? What value would
such a contest have for individuals interested in incident response?
Complete the real world exercises at the end of the chapter. Write your answers in complete sentences and use APA formatting rules. Each answer should be a minimum of 7 lines.
End of chapter 5 Real world exercises (page 218)
End of chapter 6 Real world exercises (page 257)