From the course: Cisco Certified CyberOps Associate (200-201) Cert Prep: 1 Security Concepts
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Accounting and logging activity
From the course: Cisco Certified CyberOps Associate (200-201) Cert Prep: 1 Security Concepts
Accounting and logging activity
- [Instructor] To gain access into a system, the user authenticates by providing a username and password. Authorization determines whether or not they're allowed on the network and what they can access. And accounting logs the session. Accounting and auditing detects and records or logs events such as a user attempting to create, access, or delete files and folders. Along with non-security related events, such as starting or stopping a service. Auditing is done for a variety of reasons as it is a means to monitor what users and processes on the system are doing. Auditing can also alert the administrator to unusual or suspicious activities that suggest further investigation. Most operating systems, network services and devices offer logging capabilities. Keep in mind, logging occurs after an event. However, it's a critical component in a comprehensive security plan. Capturing data in the logs, and then carefully reviewing…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
Using the principle of least privilege3m 10s
-
(Locked)
Defining access control3m 33s
-
(Locked)
Comparing access control models5m 19s
-
(Locked)
Summarizing triple-A security3m 19s
-
(Locked)
Verifying authentication1m 57s
-
(Locked)
Granting authorization2m 40s
-
(Locked)
Accounting and logging activity3m 42s
-
(Locked)
Challenge: Network diagram54s
-
(Locked)
Solution: Network diagram4m 39s
-
-
-
-