Process Monitoring Flashcards

1
Q

Log management

A
  • Very diverse log sources
    • And quite large
  • Usually sent via syslog
    • Stored in a large drive array
  • Massive storage requirement
    • There’s never enough
  • Data rollup becomes important
    • Take samples every minute
    • Keep 5-minute samples for 30 days
    • After 30 days, rollup to 1 hour sample times
2
Q

Data graphing

A
  • Many different data sources
    • Raw logs
    • Summarized metadata
  • Usually managed through a SIEM
    • Turn raw data into something visual
  • Graphing can require extensive resource utilization
    • Churn through terabytes of data
  • Can use built-in graphs
    • Or build custom reports
3
Q

Port scanning

A
  • Nmap - Network mapper
    • Find and learn more about network devices
  • Port scan
    • Find devices and identify open ports
  • Operating system scan
    • Discover the OS without logging in to a device
  • Service scan
    • What service is available on a device? Name, version, details
  • Additional scripts
    • Nmap Scripting Engine (NSE) - extend capabilities, vulnerability scans

4
Q

Vulnerability scanning

A
  • Usually minimally invasive
    • Unlike a penetration test
  • Run a vulnerability scanner
    • Poke around and see what’s open
  • Identify systems and security devices
  • Test from the outside and inside
    • Don’t dismiss insider threats
  • Gather as much information as possible
    • We’ll separate wheat from chaff later
5
Q

Vulnerability scan results

A
  • Lack of security controls
    • No firewall, no anti-virus, no anti-spyware
  • Misconfigurations
    • Open shares, guest access
  • Real vulnerabilities
    • Especially newer ones
    • Occasionally the old ones
6
Q

Patch management

A
  • Incredibly important
    • System stability, security fixes
  • Service packs - All at once
  • Monthly updates
    • Incremental (and important)
  • Emergency out-of-band updates
    • Zero-day and important security discoveries
7
Q

Protocol analyzers

A
  • Solve complex application issues
    • Get into the details
  • Gather packets on the network
    • Or in the air
    • Sometimes built into the device
  • View traffic patterns
    • Identify unknown traffic
    • Verify packet filtering and security controls
  • Large scale storage
    • Big data analytics