CHAPTER 1 Intrusion Prevention and Intrusion Detection Systems Networks have evolved rapidly over the last several years, and so have the methods with which we defend those networks. Traditionally, intrusion detection systems (IDS) have been deployed as a security control or countermeasure to monitor, detect, and notify any unauthorized access to, abuse of, or misuse of information systems or network resources. There is another security control method more commonly used today than in the past known as intrusion prevention systems (IPS). This chapter will cover evaluating and choos- ing approaches to intrusion prevention and detection. This chapter begins with "Intrusion Detection Versus Intrusion Prevention," which is a re- view of the core concept of defense-in-depth security. Following the review, the chapter examines intrusion prevention terminology and intrusion prevention approaches, includ- ing other security controls and approaches. "Do I Know This Already?" Quiz The "Do I Know This Already?" quiz helps you determine your level of knowledge of this chapter's topics before you begin. Table 1-1 lists the major topics discussed in this chapter and their corresponding quiz questions. The answers to the "Do I Know This Already?" quiz appear in Appendix A. Table 1-1 "Do I Know This Already?" Foundation Topics Section-to-Question Mapping Foundation Topics Section Intrusion Prevention Terminology Intrusion Detection Versus Intrusion Prevention Systems Intrusion Prevention Approaches Endpoint Security Controls A Systems Approach to Security Questions 1, 2 3 4, 5 6­9 10