17

Explain security alerting and monitoring concepts and tools

Introduction

This chapter covers the fourth objective in Domain 4.0, Security Operations, of the CompTIA Security+ exam.

In this chapter, we will examine the monitoring of computing resources, paying particular attention to systems, appliances, and the network security infrastructure. We’ll further explore alerting activities, including log aggregation, alerting, scanning, reporting, and archiving, as well as response and remediation. The final sections will consider tools such as SCAP, SIEM, and SNMP, together with Data Loss Prevention (DLP) tools, which monitor the flow of data through our network.

This chapter will give you an overview of why companies rely on these processes to keep their environments ...

Get CompTIA Security+ SY0-701 Certification Guide - Third Edition now with the O’Reilly learning platform.
