CHAPTER 11
Data Analysis in Security Monitoring Activities
In this chapter you will learn:
• Best practices for security data analytics using automated methods
• Common sources for system and event logs and methods of analyzing them for security operations
• Advanced techniques for e-mail analysis
• Processes to help you continually improve your security operations
Experts often possess more data than judgment.
—Colin Powell
Modern corporate networks are incredibly diverse environments, with some generating gigabytes of data every day in just logging and event information. Scripting techniques and early monitoring utilities are quickly approaching the end of their usefulness, because the variety and volume of data now exceed what ...
Get CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide, Second Edition (Exam CS0-002), 2nd Edition now with the O’Reilly learning platform.