From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 3 Information Security Program

Unlock the full course today

Join today to access over 24,200 courses taught by industry experts.

File integrity monitoring

File integrity monitoring

- [Instructor] File integrity monitoring is an important component of a defense-in-depth approach to cybersecurity. We have many different defenses designed to keep our endpoint systems safe. Antivirus software is designed to detect malicious files before they gain a foothold on endpoints. Centralized multifactor authentication prevents attempts to compromise user accounts. Host intrusion detection and prevention systems alert us to potential compromises, and sometimes even block them. However, the principle of defense-in-depth suggests that we should have controls in place that can help us detect an intrusion even when those other systems fail. File integrity monitoring is a great example of this type of control. File integrity monitoring systems watch the file system of an endpoint or server for any unexpected changes, and then report those changes to an administrator for further investigation. They perform this…

Contents