Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL
Help

Defenses against Penetration Testing Software > Endpoint Protection - Pg. 55

Defenses against Penetration Testing Software 55 importantly notification of critical errors can provide advanced warning about active and pending attacks against the organization. Implementing lockout policies is important, but being able to identify accounts being locked out or multiple failed logon attempts may tip off administrators that something malicious may be taking place. Finally, don't just log it, review it. There is no sense in logging critical security events if no one is going to review or be notified of the events. Real-time notifica- tion should be considered, especially when you have a situation where an attacker is attempting to access network resources. It is not a good idea to wait for the help-desk group to notify you of something suspicious because of an increase in call volume due to user's accounts needing to be unlocked. Get the information straight from the source and in real time by being notified of account lockouts automatically. Endpoint Protection Implementing standard virus and malware protection on the desktop can help iden- tify malicious activity as well. Many antivirus software products can detect common tools and classify them as hacking tools. Although implementing antivirus protection