SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Ever wish you could observe, report, and react in a timely manner after an event occurred? Evidence can disappear as time passes, and attacks can cause further harm if allowed to continue. The speed and manner in which you react can have an effect on the outcome. Using a Host Intrusion Prevention System (HIPS) can help prevent attacks from occurring, stop attacks in progress, and gather evidence. This paper will cover configuring and implementing a Windows-based log file monitoring HIPS, and using the HIPS to block remote password brute-force attempts, leverage port knocking, work with a honey port, and work as part of a honey pot to gather evidence and report the incident to ISPs.