Wk4 Discussion Compromise Indicators
Respond to the following in a minimum of 175 words:
An important part of managing security in connections and communications between a secured network and the Internet at-large is to have a benchmark for what normal traffic looks like. Many applications exist for the purpose of monitoring, probing, or scanning traffic-related events to catch irregularities that can inform a deeper investigation.
- What types of irregularities could signal a potential security event or incident? Describe at least 2 types of indicators.
- Which tools would you recommend to track these indicators and how would you respond to these occurrences on your network? How would you determine if these indicators signaled a real threat?