2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet728/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   724   725   726   727   728   729   730   731   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Clipping Levels 
Clipping is a form of nonstatistical sampling. It selects only events that exceed a
clipping 
level
, which is a predefi ned threshold for the event. The system ignores events until they 
reach this threshold. 
As an example, failed logon attempts are common in any system as users can easily 
enter the wrong password once or twice. Instead of raising an alarm for every single failed 
logon attempt, a clipping level can be set to raise an alarm only if it detects fi ve failed logon 
attempts within a 30-minute period. Many account lockout controls use a similar clipping 
level. They don’t lock the account after a single failed logon. Instead, they count the failed 
logons and lock the account only when the predefi ned threshold is reached. 
Clipping levels are widely used in the process of auditing events to establish a baseline of 
routine system or user activity. The monitoring system raises an alarm to signal abnormal 
events only if the baseline is exceeded. In other words, the clipping level causes the system 
to ignore routine events and only raise an alert when it detects serious intrusion patterns. 
In general, nonstatistical sampling is discretionary sampling, or sampling at the audi-
tor’s discretion. It doesn’t offer an accurate representation of the whole body of data and 
will ignore events that don’t reach the clipping level threshold. However, it is effective when 
used to focus on specifi c events. Additionally, nonstatistical sampling is less expensive and 
easier to implement than statistical sampling. 
Both statistical and nonstatistical sampling are valid mechanisms to create 
summaries or overviews of large bodies of audit data. However, statistical 
sampling is more reliable and mathematically defensible.

Logging, Monitoring, and Auditing 

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   724   725   726   727   728   729   730   731   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish