Allow Lists and Deny Lists + Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR)

4 Terms

1

Allow lists

tools allow you to build a list of software, applications, and other system components that are allowed to exist and run on a system

2

Block lists, or deny lists

are lists of software or applications that cannot be installed or run, rather than a list of what is allowed

3

Endpoint Detection and Response (EDR)

tools combine monitoring capabilities on endpoint devices and systems using a client or software agent with network monitoring and log analysis capabilities to collect, correlate, and analyze events. Key features of ___ systems are the ability to search and explore the collected data and use it for investigations, as well as the ability to detect suspicious data

4

Extended Detection and Response (XDR)

tools have a broader perspective considering not only endpoints but the full breadth of an organization’s technology stack. They ingest logs and other information from the broad range of components, then use detection algorithms as well as AI and ML to analyze the data to find issues and help security staff respond to them