CHAPTER 11

Data Analysis in Security Monitoring Activities

This chapter includes questions on the following topics:

•  Best practices for security analytics using automated methods

•  Techniques for basic manual analysis

•  Applying the concept of “defense in depth” across the network

•  Processes to continually improve your security operations

You can’t defend. You can’t prevent. The only thing you can do is detect and respond.

–Bruce Schneier

Analyzing security monitoring data is a huge endeavor and not for the faint of heart. Security analysts working in a security operations center (SOC) setting can quickly get inundated with thousands, tens of thousands, or hundreds of thousands of events from various sensors and security logs ...

Get CompTIA CySA+ Cybersecurity Analyst Certification Practice Exams (Exam CS0-002), 2nd Edition now with the O’Reilly learning platform.