Introduction
This chapter covers the fourth objective in Domain 4.0, Security Operations, of the CompTIA Security+ exam.
In this chapter, we will examine monitoring computing resources, paying particular attention to the system, appliances, and network security infrastructure. We’ll further explore alert activities, including log aggregation, alerting, scanning, reporting, and archiving, as well as response and remediation. The final sections will consider tools such as SCAP, SIEM, SNMP, and the Data Loss Prevention (DLP) tool that monitors the flow of data running through our network.
This chapter will give you an overview of why companies rely on these processes to keep their environments safe, and it will ensure you are prepared to successfully answer all exam questions related to these concepts for your certification.
Note
A full breakdown of Exam Objective 4.4 will be provided at the end of the chapter.