|
File integrity monitoring (FIM) is an internal control or process that performs the act of validating the integrity of operating system and application software files using a verification method between the current file state and the known, good baseline. This comparison method often involves calculating a known cryptographic checksum of the file's original baseline and comparing with the calculated checksum of the current state of the file.〔(【引用サイトリンク】title=http://www.ionx.co.uk/products/verisys/how-it-works )〕 Other file attributes can also be used to monitor integrity.〔(【引用サイトリンク】title=File Integrity Monitoring )〕 Generally, the act of performing file integrity monitoring is automated using internal controls such as an application or process. Such monitoring can be performed randomly, at a defined polling interval, or in real-time. ==Security objectives== Changes to configurations, files and file attributes across the IT infrastructure are common, but hidden within a large volume of daily changes can be the few that impact file or configuration integrity. These changes can also reduce security posture and in some cases may be leading indicators of a breach in progress. Values monitored for unexpected changes to files or configuration items include: * Credentials * Privileges and Security Settings * Content * Core attributes and size * Hash values * Configuration values 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「File integrity monitoring」の詳細全文を読む スポンサード リンク
|