Exam Objectives 4.4
Explain security alerting and monitoring concepts and tools.
- Monitoring computing resources: Continuously observing and analyzing the performance and status of computing resources
- Systems: Overseeing the operations and performance of individual components
- Applications: Tracking the performance, availability, and usage of software programs
- Infrastructure: Monitoring of the hardware, software, networks, and facilities required for IT operations
- Activities: Observation and analysis of actions or events occurring within a computing environment
- Log aggregation: Collecting and consolidating log data from multiple sources
- Alerting: Notifications or alarms in response to events
- Scanning: Examining networks, systems, or applications to identify security weaknesses
- Reporting: Creating and disseminating summaries of alerts and scans
- Archiving: Storing historical data securely
- Alert response and remediation/validation: Reacting...