CHAPTER 11 Security Monitoring

Objectives

Upon completion of this chapter, you will be able to answer the following questions:

  • What is the behavior of common network protocols in the context of security monitoring?

  • How do security technologies affect the ability to monitor common network protocols?

  • What are the types of data used in security monitoring?

  • What are the elements of an end device log file?

  • What are the elements of a network device log file?

Key Terms

This chapter uses the following key terms. You can find the definitions in the Glossary.

  • Tor

  • load balancing

  • Snort

  • Sguil

  • session data

  • Bro

  • transaction data

  • statistical data

  • tcpdump

  • NextGen IPS ...
