
Using CSA Analysis

Generating Behavior Analysis Reports

© 2006 Cisco Systems, Inc. All rights reserved. HIPS v3.0—6-1


Objectives

At the end of this lesson, you will be able to meet these objectives:
• Identify the various types of behavior analysis reports
• Describe how to view behavior analysis reports
• Identify the information provided by File event reports
• Identify the information provided by Registry event reports
• Identify the information provided by COM event reports
• Identify the information provided by Network event reports
• Identify the information provided by Summary reports



Types of Behavior Analysis Reports

• File event reports
• Registry event reports
• COM event reports
• Network event reports
• Summary reports



Viewing Behavior Analysis Reports



File Event Reports



Registry Event Reports



COM Event Reports



Network Event Reports



Summary Reports



Summary

• Behavior Analysis reports are created after Behavior
Analysis is performed on an application.
• File event reports display the information about all the events
occurring in a file and its related entities.
• Registry event reports help in analyzing the events related to
registry keys that were accessed, and the process that
initiated this access event.
• COM event reports provide information about the process
that accessed the COM component.
• Network event reports help an administrator keep track of
the various protocols that access the network.
• Summary reports provide information about the overall
status of the network and also include information about all
the individual entities.

