Discuss the differences between an anomaly-based and a misuse-based detection model?
Which would you use to protect a corporate network of 10,000 users? Why would you choose that model?
Pick three technologies discussed in this chapter( anomaly-based intrusion detection system(IDS) or a Network based Intrusion Detection System, intrusion prevention system (IPS) and Protocol Analyzers) and describe how you deploy them to protect a small business network.
Describe the protection each technology provides?
APA format , 3-4 references.