2 cissp ® Official Study Guide Eighth Edition


Understand penetration testing



Download 19,3 Mb.
Pdf ko'rish
bet742/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   738   739   740   741   742   743   744   745   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Understand penetration testing.
Penetration tests start by discovering vulnerabilities and 
then mimic an attack to identify what vulnerabilities can be exploited. It’s important to 
remember that penetration tests should not be done without express consent and knowl-
edge from management. Additionally, since penetration tests can result in damage, they 
should be done on isolated systems whenever possible. You should also recognize the differ-
ences between black-box testing (zero knowledge), white-box testing (full knowledge), and 
gray-box testing (partial knowledge).
Know the types of log files.
Log data is recorded in databases and different types of log 
files. Common log files include security logs, system logs, application logs, firewall logs, 
proxy logs, and change management logs. Logs files should be protected by centrally stor-
ing them and using permissions to restrict access, and archived logs should be set to read-
only to prevent modifications.
Understand monitoring and uses of monitoring tools.
Monitoring is a form of audit-
ing that focuses on active review of the log file data. Monitoring is used to hold subjects 
accountable for their actions and to detect abnormal or malicious activities. It is also used 
to monitor system performance. Monitoring tools such as IDSs or SIEMs automate moni-
toring and provide real-time analysis of events.
Understand audit trails.
Audit trails are the records created by recording information 
about events and occurrences into one or more databases or log files. They are used to 
reconstruct an event, to extract information about an incident, and to prove or disprove 
culpability. Using audit trails is a passive form of detective security control, and audit trails 
are essential evidence in the prosecution of criminals.
Understand sampling.
Sampling, or data extraction, is the process of extracting ele-
ments from a large body of data to construct a meaningful representation or summary of 
the whole. Statistical sampling uses precise mathematical functions to extract meaningful 
information from a large volume of data. Clipping is a form of nonstatistical sampling that 
records only events that exceed a threshold.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   738   739   740   741   742   743   744   745   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish