Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • HIPS30S04L06

    Enviado por

    api-3699464
    24 visualizações2 páginas
    CSA MC provides a set of rules that can be applied to both Windows and UNIX hosts. Rules respond to system and kernel requests based on their operating system architecture. System correlation rules can be used to categorize processes and correlate events across multiple hosts.

    Descrição original:

    Direitos autorais

    © Attribution Non-Commercial (BY-NC)

    Formatos disponíveis

    PPS, PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    CSA MC provides a set of rules that can be applied to both Windows and UNIX hosts. Rules respond to system and kernel requests based on their operating system architecture. System correlation rules can be used to categorize processes and correlate events across multiple hosts.

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PPS, PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    24 visualizações2 páginas

    HIPS30S04L06

    Enviado por

    api-3699464
    CSA MC provides a set of rules that can be applied to both Windows and UNIX hosts. Rules respond to system and kernel requests based on their operating system architecture. System correlation rules can be used to categorize processes and correlate events across multiple hosts.

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PPS, PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 2

    Module Summary

    • CSA MC includes rules for file management, network access,


    registry control, and application management.
    • Rules can be broadly categorized into enforcement rules and
    detection rules.
    • Rules respond to system and kernel requests based on their
    operating system architecture.
    • CSA MC provides a set of rules that can be applied to both
    Windows and UNIX hosts.
    • CSA MC also provides distinct set of rules to protect
    Windows-specific and UNIX-specific components.
    • The system correlation rules in CSA MC can be used to
    categorize processes and correlate events across multiple
    hosts.

    © 2006 Cisco Systems, Inc. All rights reserved. HIPS v3.0—4-1


    © 2006 Cisco Systems, Inc. All rights reserved. HIPS v3.0—4-2

    Você também pode gostar