Explanation & Hint:
- Statistical Data: Used to describe and analyze network flow or performance data. Statistical data typically includes summaries of performance metrics like utilization percentages, error rates, and other figures that quantify the operation of the network.
- Transaction Data: Includes device-specific server and host logs. Transaction logs record the details of transactions processed by the server, including individual requests from users and the system’s response.
- Session Data: Contains details of network flows including the 5-tuples (source IP, destination IP, source port, destination port, and protocol), the amount of data transmitted, and the duration of data transmission. Session data provides a record of each discrete interaction or ‘session’ that occurs between two endpoints on the network.
- Alert Data: Generated by IPS (Intrusion Prevention System) or IDS (Intrusion Detection System) devices when suspicious traffic is detected. Alert data comprises notifications that are triggered when network traffic patterns match known signatures of malicious activity or when anomalies are detected.
|
