Answer each question separately.
1. Search “scholar.google.com” or your textbook. Include at least 250 words in your reply. Indicate at least one source or reference in your original post. Discuss ways organizations have built a CSIRT. What are the components of building an effective and successful CSIRT team?
2. Using a Web browser, look for the open-source and freeware intrusion detection tools listed in the chapter. Next, identify two to three commercial equivalents. What would the estimated cost savings be for an organization to use the open-source or freeware versions? What other expenses would the organization need to incur to implement this solution?
3. Using a Web browser, search on the term intrusion prevention systems. What are the characteristics of an IPS? Compare the costs of a typical IPS to an IDP. Do they differ? What characteristics justify the difference in cost, if any?
4. Using a Web browser, visit the site www.honeynet.org. What is this Web site, and what does it offer the information security professional? Visit the “Know your Enemy” whitepaper series and select a paper based on the recommendation of your professor. Read it and prepare a short overview for your class.
5. Using Table 5-4 and a Web browser, search on a few of the port numbers known to be used by hacker programs, such as Sub-7, Midnight Commander, and Win Crash. What significant information did you find in your search? Why should the information security manager be concerned about these hacker programs? What can he or she do to protect against them?
6. Using the list of possible, probable, and definite indicators of an incident, draft a recommendation to assist a typical end-user in identifying these indicators. Alternatively, using a graphics package such as PowerPoint, create a poster to make the user aware of the key indicators.