New Training: Explain Various Types of Endpoint Defenses

In this 6-video skill, CBT Nuggets trainer Knox Hutchinson explains the different mechanisms that endpoint protection solutions can use to defend your network. Watch this new Cisco training.

Watch the full course: Implementing and Operating Cisco Security Core Technologies

This training includes:

• 6 videos

• 19 minutes of training

You’ll learn these topics in this skill:

• Introducing Endpoint Defense Mechanisms

• Anti-Virus and Anti-Malware

• Indicators of Compromise (IoC)

• Retrospective Analysis

• Dynamic File Analysis

• Summarizing Endpoint Protection Mechanisms

How Endpoint Protection Use Indicators of Compromise

In the infosec world, endpoint protection is a vital component to help safeguard and secure information systems against cyber threats. Endpoint protection systems use a variety of mechanisms to track and alert IT professionals of potential incidents. One of these mechanisms is called an indicator of compromise.

An indicator of compromise is a piece of forensic data. It is typically found in log files and is an abnormal entry that can be used to identify possible signs of malicious activity on a system or network.

Endpoint protection systems often use heuristic data to discover these indicators of compromise. By establishing a baseline of normal activity, these systems can quickly determine log entries that appear to be abnormal without human intervention.

Once an indicator of compromise has been found, endpoint protection systems can either remediate issues automatically or alert IT professionals of a possible issue. By monitoring for indicators of compromise, IT operations can limit data breaches and other potential issues as quickly as possible.