Chapter 19
Understanding Monitoring and Auditing
CERTIFICATION OBJECTIVES
19.01 Introduction to Monitoring
19.02 Monitoring Tools
19.03 Implementing Logging and Auditing
QQUESTIONS
Monitoring networks and host computers proactively can detect attacks or even prevent their success. Network-based intrusion detection systems detect and report suspicious network activity. Host-based intrusion detection systems detect and report suspicious host-based activity. Prevention systems can stop attacks once they have begun. Log files present a method of tracing activity that has already occurred. Today’s networks include logs in many places; you must know which log to consult under specific circumstances. Luckily, centrally monitoring and responding ...
Get CompTIA Security+ Certification Practice Exams, Third Edition (Exam SY0-501), 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.