In this video, learn about the importance of log monitoring as a threat mitigation and deterrence control. This includes event logs, audit logs, security logs, and access logs along with reporting and alerting.
- [Instructor] Log monitoring is one of the most important…security controls in the modern enterprise,…but it is also one of the most often overlooked.…Now, let's face it,…log monitoring is not an exciting activity.…In fact, it's usually pretty dull.…And, as such, the newest member of any security team…usually draws this short straw.…But log monitoring is incredibly important…because logs often contain critical information…that allows administrators to both detect security breaches…and penetration attempts and conduct analysis of events…that have already taken place.…
I'm going to show you how both Windows…and Linux systems record log entries.…Let's begin with a Windows server.…You can access Windows logs…using a tool called Event Viewer.…When you open the Windows Log folder in Event Viewer,…you see that logs are organized…into several different categories.…We're going to take a look at the Application log,…the Security log, and the System log.…The Application log contains messages…from software running on the server.…
Author
Mike Chapple
Released
5/1/2018Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.
- Using security assessment tools
- Scanning for vulnerabilities
- Threat assessment techniques
- Performing penetration testing
- Reviewing monitor logs
- Performing code reviews
- Performing fuzz testing and misuse case testing
- Analyzing coverage
- Assessing disaster recovery sites and backups
- Testing BC/DR plans
- Collecting security process data and metrics
- Auditing and control management
Skill Level Advanced
Duration
Views
-
Introduction
-
Welcome2m 49s
-
-
1. Threat Assessment
-
Security assessment tools5m 21s
-
Assess threats3m 14s
-
Threat assessment techniques2m 41s
-
Penetration testing2m 36s
-
-
2. Log Monitoring
-
Monitor log files6m 20s
-
-
3. Software Testing
-
Code review2m 50s
-
Code tests2m 41s
-
Fuzz testing6m 44s
-
Interface testing3m 29s
-
Misuse case testing2m 37s
-
Test coverage analysis2m 44s
-
-
4. Disaster Recovery
-
Disaster recovery overview4m 11s
-
Backups8m 49s
-
Validating backups2m 45s
-
Disaster recovery sites2m 59s
-
Testing BC/DR plans4m 15s
-
-
5. Assessing Security Processes
-
Security metrics3m 18s
-
Audits and assessments6m 9s
-
Control management3m 37s
-
Conclusion
-
What's next?44s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Monitor log files