Discussion Post: Indicators of Compromise
An important part of managing security in connections and communications between a secured network and the Internet at large is to have a benchmark for what normal traffic looks like. Many applications exist for monitoring, probing, or scanning traffic-related events to catch irregularities that can inform a deeper investigation.
a) What types of irregularities could signal a potential security event or incident? Describe at least 2 types of indicators.
b) Which tools would you recommend to track these indicators, and how would you respond to these occurrences on your network? How would you determine if these indicators signaled a real threat?
The response must include a reference list. Use one-inch margins, double spacing, Times New Roman 12 pt font, and APA style for writing and citations.