Applied Network Security Monitoring by Jason Smith, Chris Sanders

Index

Note: Page numbers followed by b indicate boxes, f indicate figures and t indicate tables.

A

Advanced Intrusion Detection Environment (AIDE), 72
Analysis process
    diagnosis
        candidate conditions, 432
        diagnosis, 432
        evaluation, 431–432
        scenarios, 433–438
        symptoms list, 431
    morbidity and mortality (M&M)
        audience, 444
        information security (See Information security M&M)
    practices
        Arcsight, 441
        assumptions, 438–439
        background, 439–440
        cyber event categorization system, 441–442
        Netwitness, 441
        Network Miner, 441
        rule of 10’s, 442
        SIEM solution, 439
        systems administration backgrounds, 439–440
        Wireshark, 441
    relational investigation
        additional degrees of subjects relation, 423f, 425
        perform preliminary investigation, 423f, 424
        primary relationships ...
