Discuss the differences between ananomaly-based and a misuse-based detection model?
Which would you use to protect a corporate network of 10,000 users? Why would you choose that model?
Pick three technologies discussed in this chapter and describe how you deploy them to protect a small business network.
Describe the protection each technology provides?