CHAPTER 8
Monitoring and Analysis

In this chapter, you will learn about

• Security alerts and false positives

• Network-based and host-based intrusion detection systems

• Intrusion prevention systems

• Methods of detecting and preventing attacks

• File integrity checkers

• Honeypots, honeynets, and padded cells

• Event and incident managers such as SIMs, system event managers (SEMs), and SIEMs

• Vulnerability assessments test types

• Vulnerability assessment tools

• Penetration tests