From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 3 Information Security Program
Unlock the full course today
Join today to access over 24,200 courses taught by industry experts.
File integrity monitoring
From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 3 Information Security Program
File integrity monitoring
- [Instructor] File integrity monitoring is an important component of a defense-in-depth approach to cybersecurity. We have many different defenses designed to keep our endpoint systems safe. Antivirus software is designed to detect malicious files before they gain a foothold on endpoints. Centralized multifactor authentication prevents attempts to compromise user accounts. Host intrusion detection and prevention systems alert us to potential compromises, and sometimes even block them. However, the principle of defense-in-depth suggests that we should have controls in place that can help us detect an intrusion even when those other systems fail. File integrity monitoring is a great example of this type of control. File integrity monitoring systems watch the file system of an endpoint or server for any unexpected changes, and then report those changes to an administrator for further investigation. They perform this…
Contents
-
-
-
-
-
-
Operating system security8m 44s
-
(Locked)
Malware prevention6m 12s
-
(Locked)
Application management5m 23s
-
(Locked)
Host-based network security controls7m 44s
-
(Locked)
File integrity monitoring4m 49s
-
(Locked)
Data loss prevention5m 17s
-
(Locked)
Data encryption5m 23s
-
(Locked)
Hardware and firmware security4m 38s
-
-
-
-
-
-
-
-
-
-