Tammie,
You did an excellent job answering this week’s discussion board question. Suspicious exceptions is an excellent way to identify activity which could potentially be attempts of system compromisation. One thing to be careful of when automating policy enforcement through suspicious exception is to ensure to minimizes or eliminate false positive and false negative alerts. Failure to have correctly functioning security detections or having false security detections causes a huge security risk. False positives are when the security appliance sends an alert of a change or security issue which is false. The greatest security risk this causes is the potential for the security administrators or the employees who are monitoring the security detections
You did an excellent job answering this week’s discussion board question. Suspicious exceptions is an excellent way to identify activity which could potentially be attempts of system compromisation. One thing to be careful of when automating policy enforcement through suspicious exception is to ensure to minimizes or eliminate false positive and false negative alerts. Failure to have correctly functioning security detections or having false security detections causes a huge security risk. False positives are when the security appliance sends an alert of a change or security issue which is false. The greatest security risk this causes is the potential for the security administrators or the employees who are monitoring the security detections