Responding to Security Incidents

Normal information system operation consists of a large number of actions and responses. Users log in, access resources, run programs, and then log out. During sessions (between logging in and logging out), lots of traffic flows around your network. And users aren’t the only entities to create network traffic. Services listen for requests and respond to those requests. Each action and response that occurs in a computing environment is called an event. An event is any observable occurrence in a computer, device, or network. Think of an event as being anything that you may see reported in a log file—it can be both good and bad. Any event that results in a violation of the security policy, or poses an imminent ...

Get Fundamentals of Communications and Networking, 3rd Edition now with the O’Reilly learning platform.
