22

Given a scenario, use data sources to support an investigation

Introduction

This chapter covers the ninth objective in Domain 4.0, Security Operations, of the CompTIA Security+ Exam.

An important part of the security framework is understanding and effectively using log data and other data sources. This chapter looks at diverse types of log files such as firewall, application, endpoint, and system logs, each serving a unique role in fortifying an organization’s defenses. It also looks at the integral role of vulnerability scans, automated reports, dashboards, and packet captures in maintaining a secure network environment.

This chapter will give you an overview ...

Get CompTIA Security+ SY0-701 Certification Guide - Third Edition now with the O’Reilly learning platform.
