Monitoring and Intrusion Detection


Monitoring: Monitoring means making certain that authenticated users are held accountable for their actions while logged onto a system, as well as tracking unauthorized or abnormal activities on a system and system failures.

Accountability is achieved by noting the activities of users and system services that form the operating environment and security mechanisms. A log of activities provides a record for troubleshooting analysis and supplies evidential material for legal situations. Auditing is the process of going back and reviewing these logs, and it is typically incorporated into many operating systems.

Audits can be used to measure a system’s health and performance. System crashes may indicate defective programs, or invasive attempts from an unauthorized source. Logs prior to a system crash can help determine the cause.
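The audit review described above, as an added example that is not part of the original page: it attributes logged actions to users, flags repeated failed logins, and pulls the events recorded shortly before a crash. The log format, event names, threshold and sample lines are constructed assumptions, not taken from any particular operating system.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample audit log: "timestamp user source event detail"
SAMPLE_LOG = """\
2024-05-01T09:00:02 alice 10.0.0.5 LOGIN_OK -
2024-05-01T09:01:10 mallory 203.0.113.9 LOGIN_FAIL bad_password
2024-05-01T09:01:12 mallory 203.0.113.9 LOGIN_FAIL bad_password
2024-05-01T09:01:15 mallory 203.0.113.9 LOGIN_FAIL bad_password
2024-05-01T09:03:40 alice 10.0.0.5 FILE_READ /srv/payroll.csv
2024-05-01T09:04:55 backup 10.0.0.7 SERVICE_START nightly_job
2024-05-01T09:05:01 system - CRASH kernel_panic
"""

def parse_log(text):
    """Parse each non-empty line into a dict; detail may contain spaces."""
    events = []
    for line in text.splitlines():
        if line.strip():
            ts, user, source, event, detail = line.split(maxsplit=4)
            events.append({"time": datetime.fromisoformat(ts), "user": user,
                           "source": source, "event": event, "detail": detail})
    return events

def actions_by_user(events):
    """Accountability: the ordered list of events recorded for each identity."""
    trail = defaultdict(list)
    for e in events:
        trail[e["user"]].append(e["event"])
    return dict(trail)

def repeated_failures(events, threshold=3):
    """Flag (user, source) pairs with at least `threshold` failed logins."""
    counts = Counter((e["user"], e["source"])
                     for e in events if e["event"] == "LOGIN_FAIL")
    return {pair: n for pair, n in counts.items() if n >= threshold}

def events_before_crash(events, window_seconds=120):
    """Return events logged in the window leading up to the first CRASH."""
    crash = next((e for e in events if e["event"] == "CRASH"), None)
    if crash is None:
        return []
    start = crash["time"] - timedelta(seconds=window_seconds)
    return [e for e in events if start <= e["time"] < crash["time"]]

if __name__ == "__main__":
    evts = parse_log(SAMPLE_LOG)
    print(actions_by_user(evts), repeated_failures(evts), sep="\n")
    print([(e["user"], e["event"]) for e in events_before_crash(evts)])
```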

Intrusion Detection System (IDS): An Intrusion Detection System (IDS) is a detective access control system programmed for ongoing, real-time monitoring of network activities and to trace any scanning and probing activities, or red flags that indicate unauthorized attempts to access the system. An IDS can also be programmed to scan for potential attacks, follow an attacker’s actions, send out alerts to warn of a pending attack, scan the system for weak points and implement mechanisms that will prevent unauthorized access. It can also trace system failures and diagnose system performance. Damaging or invasive events detected by an IDS can originate from: viruses; malicious code; external connections; trusted internal users engaging in unauthorized activities; and unauthorized access attempts from trusted locations.

IDS systems can be split into two general categories:
