From the course: CISSP Cert Prep (2021): 4 Communication and Network Security
Network monitoring
- [Instructor] Firewalls and network devices are on the frontlines of security and their logs contain important information for security professionals. These logs are useful when investigating security incidents, troubleshooting network issues, and monitoring networks for suspicious activity. Firewall logs are one of the richest possible sources of information. When configured properly, firewalls create log entries for each and every connection attempted on a network, whether it was allowed or denied. The log entries contain quite a bit of useful information, including details about the attempted connection, including source and destination IP addresses and ports. They include a timestamp indicating when the connection took place and the identity of the firewall rule that either authorized or denied the connection. Let's think about some scenarios where these logs might be very useful. First, in the aftermath of a security…