Advanced Host Intrusion Prevention with CSA - download pdf or read online

By Chad Sullivan

This ebook is meant for someone at present utilizing the CSA product in addition to somebody focusing on its implementation. even though this booklet is an invaluable source for the implementation and tuning groups, it additionally presents loads of details pertinent to venture managers and IS/IT managers who're tasked with overseeing a CSA venture or implementation.

Show description

Read or Download Advanced Host Intrusion Prevention with CSA PDF

Best network security books

Download PDF by Kevin Fletcher: Juniper Networks Secure Access SSL VPN Configuration Guide

Juniper Networks safe entry SSL VPN home equipment supply an entire diversity of distant entry home equipment for the smallest businesses as much as the biggest carrier services. As a process administrator or protection expert, this complete configuration advisor will let you configure those home equipment to permit distant and cellular entry for workers.

Download e-book for iPad: Android Application Security: A Semantics and Context-Aware by Mu Zhang, Heng Yin

This SpringerBrief explains the rising cyber threats that undermine Android program safeguard. It extra explores the chance to leverage the state of the art semantics and context–aware suggestions to safeguard opposed to such threats, together with zero-day Android malware, deep software program vulnerabilities, privateness breach and inadequate protection warnings in app descriptions.

Tony Campbell's Practical Information Security Management: A Complete Guide PDF

Create applicable, security-focused company propositions that reflect on the stability among fee, possibility, and usefulness, whereas beginning your trip to develop into a data defense supervisor. protecting a wealth of knowledge that explains precisely how the works this present day, this publication specializes in how one can organize an efficient details defense perform, lease the correct humans, and strike the easiest stability among safety controls, bills, and dangers.

Extra resources for Advanced Host Intrusion Prevention with CSA

Example text

Each host can, and most likely will, reside in multiple groups to inherit multiple policies and appropriate settings. Your groups might relate to various system types, system functionality, user types, applications deployed on the hosts, and every system in your deployment. The next two sections cover Mandatory groups and other ways groups are used outside of policy grouping. Mandatory Groups Every system that registers with the CSA MC is automatically placed in one of the three Mandatory groups: • • • These groups provide a mechanism by which an administrator can apply high-level operating system-specific policies and settings.

Each rule enforces guidelines on specific, attempted actions. Rules vary in what they control on the agent. The following are Windows rules: • Clipboard Access Control—Controls which applications can access information copied to the Clipboard. • COM Component Access Control—Allows or denies applications access to COM components. • • File Version Control—Controls which versions of a file are executed. Kernel Protection—Prevents certain access to the operating system. 22 Chapter 2: Cisco Security Agent: The Solution • NT Event Log—Allows specific Windows event log events to be reported to the CSA MC.

Rules vary in what they control on the agent. The following are Windows rules: • Clipboard Access Control—Controls which applications can access information copied to the Clipboard. • COM Component Access Control—Allows or denies applications access to COM components. • • File Version Control—Controls which versions of a file are executed. Kernel Protection—Prevents certain access to the operating system. 22 Chapter 2: Cisco Security Agent: The Solution • NT Event Log—Allows specific Windows event log events to be reported to the CSA MC.

Download PDF sample

Rated 4.72 of 5 – based on 11 votes