Chapter 11. Monitoring and Auditing

This chapter covers the following subjects:

Monitoring Methodologies—Monitoring the network is extremely important, yet often overlooked by security administrators. In this section, you learn about the various monitoring methodologies that applications and IDS/IPS solutions use.

Using Tools to Monitor Systems and Networks—Here, we delve into the hands-on again. Included in this section are performance analysis tools such as Performance Monitor and protocol analysis tools, such as Wireshark and Network Monitor.

Conducting Audits—Full-blown audits might be performed by third-party companies, but you as the security administrator should be constantly auditing and logging the network and its hosts. This section ...

Get CompTIA Security+ SY0-301 Authorized Cert Guide, Deluxe Edition, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.