CompTIA Security+ Certification Practice Exams, Fourth Edition (Exam SY0-601), 4th Edition

Chapter 19

Understanding Monitoring and Auditing

CERTIFICATION OBJECTIVES

19.01 Introduction to Monitoring

19.02 Monitoring Tools

19.03 Implementing Logging and Auditing

QUESTIONS

Monitoring networks and host computers proactively can detect attacks or even prevent their success. Network-based intrusion detection systems (IDSs) detect and report suspicious network activity. Host-based intrusion detection systems (HIDSs) detect and report suspicious host-based activity. Intrusion prevention systems (IPSs) can stop attacks once they have begun.

Log files present a method of tracing activity that has already occurred. Today’s networks include logs in many places; you must know which log to consult under specific circumstances. Luckily, ...

Get CompTIA Security+ Certification Practice Exams, Fourth Edition (Exam SY0-601), 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CompTIA Security+ Certification Practice Exams, Fourth Edition (Exam SY0-601), 4th Edition by Daniel Lachance, Glen E. Clarke

Chapter 19

QUESTIONS

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly