Summary
This chapter covered monitoring and alerting methods and their importance to network security. The tools discussed included SIEM systems; vulnerability scanners, which use the CIS Benchmarks and monitor the network for missing patches and software flaws to keep servers secure; SNMP, which provides the states and reports of network devices; and DLP tools, which prevent PII and sensitive data from leaving the network.
The knowledge gained in this chapter will prepare you to answer any questions relating to Exam Objective 4.4 in your CompTIA Security+ certification exam.
The next chapter of the book is Chapter 18, Given a scenario, modify enterprise capabilities to enhance security.