This paper discusses one of the important aspects of any security model: the monitoring of the network and systems. Through monitoring you can detect hacking attempts, virus or worm infections and their propagation, configuration problems, exploits, hardware problems and many other issues. Monitoring is an important factor in maintaining the stability of the network. Information security focuses on ensuring confidentiality, integrity and availability. Through network monitoring you can detect attempts to access forbidden information or resources, such as unauthorized access, which in turn ensures confidentiality. You can detect attempts to change or alter information, such as file modification, which ensures integrity. And you can detect any kind of problem that can affect the availability of information, such as a DoS or DDoS attack. The main goal of this paper is to give an idea of some of the benefits that anyone can get from complete monitoring of the network, using logging for almost all devices and the different types of network monitoring tools, including bandwidth monitoring, packet sniffing and IDSs.