Index

Note: Page numbers followed by b indicate boxes, f indicate figures and t indicate tables.

A

Advanced Intrusion Detection Environment (AIDE), 72
Analysis process
diagnosis
candidate conditions, 432
diagnosis, 432
evaluation, 431–432
scenarios, 433–438
symptoms list, 431
morbidity and mortality (M&M)
audience, 444
information security, See (Information security M&M)
practices
Arcsight, 441
assumptions, 438–439
background, 439–440
cyber event categorization system, 441–442
Netwitness, 441
Network Miner, 441
rule of 10’s, 442
SIEM solution, 439
systems administration backgrounds, 439–440
Wireshark, 441
relational investigation
additional degrees of subjects relation, 423f, 425
perform preliminary investigation, 423f, 424
primary relationships ...
