From the course: CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
Impact analysis
- [Narrator] Cybersecurity analysts are often overwhelmed by the volume of security information generated by the many systems that they operate or receive information from. It's simply not possible to investigate every alert triggered by a system, and it's important that you triage the alerts that you receive to investigate those that pose the greatest risk to the organization. The primary metric that we use to triage security events is their impact on the organization. The impact tells us the degree of damage that we believe is possible from an incident, and of course, we want to prioritize security events with the highest possible impact. Let's talk about the different factors that you should consider when assessing the impact of a security event. We'll use the impact categories developed by the National Institute of Standards and Technology in their risk assessment guidance. First, consider harm to individuals. Is…
Contents
- Endpoint monitoring (3m 23s)
- Malware prevention (7m 17s)
- File system integrity monitoring (4m 42s)
- Network monitoring (4m 20s)
- Protocol analyzers (6m 39s)
- DNS harvesting (4m 30s)
- Intrusion detection and prevention (8m 29s)
- Web security tools (3m 40s)
- Impact analysis (3m 50s)
- Querying logs (7m 10s)