In addition to normal
software and hardware inventory information of an endpoint, its better that we also collect some other critical information for endpoint analysis,threat and security breach detection.
Extended Hardware Inventory
Printers | Collect information about printers connected to the endpoint.
Information to collect :
1. Printer Name
2. Driver Name and Version
3. Is Local or Network Printer.
|
USB Devices
|
Information to collect :
1. Type of USB device. eg : Mass Storage, USB Hub, smart card reader etc.
2. Manufacturer and Vendor ID. eg : Lenovo , Samsung
3. Port Number on which the device is connected.
4. Serial Number. eg: every pen drive has a unique serial number.
5. Device Class (reserved , hub etc) and Device address
6. USB Version (1.1, 2.0 etc) and Host Controller (generally 0 except for USBHub)
|
PCI Devices
|
Typical PCI cards used in PCs include: network cards, sound cards etc.
Modems,extra ports such as USB or serial, TV tuner cards and disk controllers
are also included as PCI devices.
Information to collect :
1. Name of the PCI - Peripheral Component Interconnect device
2. Type - Integrated onboard or Expansion slot
|
Modems |
Information to collect :
1. Provider Name , Manufacturer
2. Type - Internal , External
3. Port Number. eg. COM3
4. Port Speed. eg. 115200
5. Port Settings eg. 8N1
6. Inf file name
|
Monitor
|
Information to collect :
1. Name
2. Type - LCD , CRT
3. Manufacturer and year manufactured
4. Screen Resolution
5. Color Depth ( eg. 32bit )
6. Size in Inches
|
|
Information to collect :
1. Type - Standard 101,102, PS/2,Natural
2. Number of Function Keys
3. Manufacturer
|
|
Information to collect :
1. Number of buttons (2 , 3 , with/without scroll)
2. Model
3. Manufacturer
|
0 comments:
Post a Comment