From the course: CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring

Endpoint monitoring

- [Narrator] We have a tremendous number of diverse computing endpoints throughout our organizations. In addition to the many desktop and laptop computers used by individuals, and servers in our data centers in the cloud, we have mobile devices, Internet of Things sensors, and many other network-enabled devices running on our networks. These endpoints are often the first target of attackers seeking to penetrate our defenses. They target relatively unprotected endpoints in the hope that they will be able to use that access as a jumping-off point for a larger attack. This makes monitoring endpoints a crucial task for cybersecurity analysts. This monitoring should begin with the basics. Organizations are likely already monitoring processor activity, memory consumption, and file system activity for signs of operational issues. These same metrics can provide important security insight as well. For example, unexplained spikes…
