Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
CISA – Certified Information Systems Auditor Study Guide

You're reading from   CISA – Certified Information Systems Auditor Study Guide Aligned with the CISA Review Manual 2019 to help you audit, monitor, and assess information systems

Arrow left icon
Product type Paperback
Published in Aug 2020
Publisher Packt
ISBN-13 9781838989583
Length 590 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Hemang Doshi Hemang Doshi
Author Profile Icon Hemang Doshi
Hemang Doshi
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Preface 1. Section 1: Information System Auditing Process
2. Audit Planning FREE CHAPTER 3. Audit Execution 4. Section 2: Governance and Management of IT
5. IT Governance 6. IT Management 7. Section 3: Information Systems Acquisition, Development, and Implementation
8. Information Systems Acquisition and Development 9. Information Systems Implementation 10. Section 4: Information System Operations and Business Resilience
11. Information System Operations 12. Business Resilience 13. Section 5: Protection of Information Assets
14. Information Asset Security and Control 15. Network Security and Control 16. Public Key Cryptography and Other Emerging Technologies 17. Security Event Management 18. Other Books You May Enjoy

Security monitoring tools and techniques

Monitoring security events is a very important aspect of information security. Two important monitoring tools are Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). IDS only monitor, record, and provide alarms about intrusion activity, whereas IPS also prevent intrusion activities.

Let's study each of them in detail.

Intrusion detection system

An IDS helps to monitor a network (network-based IDS) or a single system (host-based IDS) with the aim of recognizing and detecting an intrusion activity.

Network-based and host-based IDS

The following table differentiates between network-based and host-based IDS:

Network-based IDS Host-based IDS
It monitors activities across the network It monitors the activities of a single system or host.
Comparatively, network-based IDS have high false positives (in other words, a high rate of false alarms) Host-based IDS have low false positives (in other words, a low rate of false...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at AU $24.99/month. Cancel anytime