Security Monitoring
Audits can be resource intensive and require substantial time to complete. For most organizations, continuous auditing isn’t cost-effective, but it is important to pay attention to network performance between audits. That is the purpose of monitoring. The primary purpose of monitoring is to detect abnormal behavior, which is behavior that deviates from normal baselines. Security monitoring systems might be technical in nature, such as an intrusion detection system (IDS), or they might be administrative—for example, observing employee or customer behavior on a closed-circuit TV.
Most attackers know that controls can stop them from being successful. One technique is to disable monitoring controls that are in place. Alternatively, ...
Get Fundamentals of Communications and Networking, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
