What Are the Layers of the OSI Reference Model and Where Do IDP Systems Operate?

Posted on 12:24 PM by Bharathvn

The purpose of this question is to probe your grasp of networking fundamentals and how an IDP system fits into the mix. You should be able to spout off the OSI layers and TCP/IP layers without hesitation. Refer to Figure 7-1 if you do not remember.
Most IDP systems can detect attacks and perform stateful protocol analysis at Layers 3 and above. Maintaining state information is one key for today’s sophisticated attacks. Also key is the ability to handle IP fragmentation, TCP segmentation, protocol (or RFC) ambiguity, content matching and quoting, as well as application layer fragmentation such as RPC record fragmentation.