4.5. Compare and contrast various types of monitoring methodologies.

Many tools are used to monitor or oversee activity within complex network and system infrastructures, including performance monitors, system monitors, intrusion detection systems (IDS), and protocol analyzers. Many of these tools support one or more monitoring methodologies. A methodology determines how a tool decides whether a measurement or event is normal or abnormal, benign or malicious.

NOTE

For more information on this topic, see Chapter 3 of the CompTIA Security+ Study Guide, 4th Edition (Sybex, November 2008).

4.5.1. Behavior-based

A behavior-based monitoring or detection method relies upon the establishment of a baseline or a definition of normal and benign. ...
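A sketch of the baseline idea described above, as an added example that is not from the book: it derives a per-host definition of normal from observations assumed to be benign, then classifies new measurements against it. The host names, counts, the median/MAD statistic and the thresholds are assumptions chosen for illustration.

```python
from statistics import median

# Constructed sample data: outbound connections per hour for two hosts,
# collected during a period assumed to be normal and benign.
BASELINE_OBSERVATIONS = {
    "ws-01": [12, 15, 11, 14, 13, 12, 16, 14],
    "db-01": [40, 40, 40, 40, 40, 40, 40, 40],  # perfectly steady host
}


def build_baseline(observations):
    """Summarise each host's normal behaviour as (median, MAD)."""
    baseline = {}
    for host, values in observations.items():
        med = median(values)
        # Median absolute deviation: a spread estimate that a single
        # outlier in the learning period cannot inflate.
        mad = median(abs(v - med) for v in values)
        baseline[host] = (med, mad)
    return baseline


def classify(baseline, host, value, threshold=3.5, min_spread=1.0):
    """Return 'normal', 'abnormal' or 'no-baseline' for one measurement."""
    if host not in baseline:
        # Nothing has been defined as normal for this host yet, so a
        # behaviour-based check cannot judge it either way.
        return "no-baseline"
    med, mad = baseline[host]
    # 1.4826 scales MAD to be comparable with a standard deviation.
    # A flat baseline has MAD 0, so floor the spread: otherwise one
    # extra connection on a steady host would score as infinitely odd.
    spread = max(mad * 1.4826, min_spread)
    score = abs(value - med) / spread
    return "abnormal" if score > threshold else "normal"


if __name__ == "__main__":
    baseline = build_baseline(BASELINE_OBSERVATIONS)
    # Constructed new measurements to evaluate against the baseline.
    for host, value in [("ws-01", 14), ("ws-01", 90), ("db-01", 41),
                        ("db-01", 45), ("kiosk-07", 5)]:
        print(host, value, classify(baseline, host, value))
```

The quality of the result depends entirely on the learning period: anything malicious that was already happening while the baseline was collected becomes part of "normal".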
