Application Behavior Investigation, when deployed on a host, monitors the actions of designated applications on that host and logs them. Behavior Analysis categorizes application resources into file, registry, network, and COM components, and creates access control rules for each of these categories. Behavior Analysis creates File Access Control rules to protect the application data from being exposed to external attacks.
Application Behavior Investigation, when deployed on a host, monitors the actions of designated applications on that host and logs them. Behavior Analysis categorizes application resources into file, registry, network, and COM components, and creates access control rules for each of these categories. Behavior Analysis creates File Access Control rules to protect the application data from being exposed to external attacks.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPS, PDF, TXT or read online from Scribd
Application Behavior Investigation, when deployed on a host, monitors the actions of designated applications on that host and logs them. Behavior Analysis categorizes application resources into file, registry, network, and COM components, and creates access control rules for each of these categories. Behavior Analysis creates File Access Control rules to protect the application data from being exposed to external attacks.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPS, PDF, TXT or read online from Scribd
You can maintain integrity between the application
and the system by: • Protecting the application from the system: Behavior Analysis creates File Access Control rules to protect the application data from being exposed to external attacks. • Protecting the system from the application: Behavior Analysis categorizes application resources into file, registry, network, and COM components, and creates access control rules for each of these categories.
• The Application Behavior Investigation feature serves as a data analysis
and policy creation tool for administrators. • The three different contributing components for Application Behavior Investigation are CSA MC, the Behavior Investigation functionality, and the Agent. • Application Behavior Investigation, when deployed on a host, monitors the actions of designated applications on that host and logs all attempts to access system resources. • Application Behavior Investigation analyzes the logging data, prepares detailed reports for the designated application, and generates a rule module to implement the results. • The rule module created during Behavior Analysis helps in enforcing normal application behavior and maintaining integrity between the application and the system. • You can monitor the progress of the Behavior Analysis process on a host by using the Progress Status fields on the Behavior Analysis configuration page.