Free Preparation Discussions
MENU
Oracle Exam 1Z0-997-20 Topic 8 Question 5 Discussion
Topic #: 8
An organization has its IT infrastructure in a hybrid setup with an on-premises environment and an Oracle Cloud Infrastructure (OCI) Virtual Cloud Network (VCN) in the us-phonix-1 region. The on-premise applications communications with compute instances inside the VPN over a hardware VPN connection. They are looking to implement an Intrusion detected and Prevention (IDS/IPS) system for their OCI environment. This platform should have the ability to scale to thousands of compute of instances running inside the VCN.
How should they architect their solution on OCI to achieve this goal?
in Transit routing through a private IP in the VCN you set up an instance in the VCN to act as a firewall or intrusion detection system to filter or inspect the traffic between the on-premises network and Oracle Services Network.
The Networking service lets you implement network security functions such as intrusion detection,
application-level firewalls In fact, the IDS model can be host-based IDS (HIDS) or network-based IDS (NIDS). HIDS is installed at a host to periodically monitor specific system logs for patterns of intrusions. In contrast, an NIDS sniffs the traffic to analyze suspicious behaviors. A signature-based NIDS (SNIDS) examines the traffic for patterns
of known intrusions. SNIDS can quickly and reliably diagnose the attacking techniques and security holes without generating an over-whelming number of false alarms because SNIDS relies on known signatures.
However, anomaly-based NIDS (ANIDS) detects unusual behaviors based on statistical methods. ANIDS
could detect symptoms of attacks without specific knowledge of details. However, if the training data of the
normal traffic are inadequate, ANIDS may generate a large number of false alarms.
Currently there are no comments in this discussion, be the first to comment!