From the course: CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
File system integrity monitoring
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
File system integrity monitoring
- [Instructor] File integrity monitoring is an important component of a defense in depth approach to information security. We have many different defenses designed to keep endpoints systems safe. Anti-viral software is designed to detect malicious files before they gain a foothold on endpoints. Centralized multi-factor authentication prevents attempts to compromise user accounts. Host intrusion detection and prevention systems alert us to potential compromises and block them. However the principle of defense in depth suggest that we should have controls in place that can help us detect an intrusion even when those other systems fail. File integrity monitoring is a great example of this type of control. File integrity monitoring systems watch the file system of an endpoint or server for any unexpected changes and then report those changes to an administrator for further investigation. They perform this function…
Contents
-
-
-
-
(Locked)
Endpoint monitoring3m 23s
-
(Locked)
Malware prevention7m 17s
-
(Locked)
File system integrity monitoring4m 42s
-
(Locked)
Network monitoring4m 20s
-
(Locked)
Protocol analyzers6m 39s
-
(Locked)
DNS harvesting4m 30s
-
(Locked)
Intrusion detection and prevention8m 29s
-
(Locked)
Web security tools3m 40s
-
(Locked)
Impact analysis3m 50s
-
(Locked)
Querying logs7m 10s
-
(Locked)
-
-
-
-
-