Deficiencies in security logging and improper analysis allow attackers to cover their tracks. An organization should protect the audit files. Lisa Bock covers several good practice concepts to use when auditing and logging events.
- [Instructor] Auditing and logging are done … for a variety of reasons. … An organization's own requirements and due diligence … will dictate the logging schedule. … However, there may be compliance and regulatory requirements … for maintaining log events … such as Sarbanes-Oxley, Gramm-Leach-Bliley, and HIPAA, … which can place an increased burden of providing proof … that they are protecting their information systems. … Reviewing log files is many times reactive … instead of proactive. … That means log files are generally checked after an event … as log files are often the only record … of suspicious behavior. … Many automated tools are available, … however, log file analysis … should be part of a daily routine … even if it is a spot check of critical events … or when suspicious or unusual activity has been identified. … Logging can take up considerable space, … so administrators should closely monitor … so that the files do not fill up an assigned storage … and possibly overwrite data. …
- Define “passphrase.”
- Recall the purpose of multifactor authentication.
- Identify the tool used in today’s Windows operating systems to secure the file system.
- Explain what happens when a file is moved into a folder with permissions.
- Name the authentication protocol used in Active Directory.
- Recognize the location of the audit logs.
- Summarize the purpose of hardening.
- Explain the purpose of cryptographic techniques.
Skill Level Beginner
IT Security Foundations: Core Conceptswith Lisa Bock1h 35m Beginner
IT Security: Key Policies and Resourceswith Gregory Michaelidis23m 44s Intermediate
1. Understand User Authentication
2. Understand Permissions
3. Dissecting Audit Policies
4. Server Protection
5. Providing email protection
6. Understand Encryption
Next steps1m 3s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.