In this video, learn about the importance of log monitoring as a threat mitigation and deterrence control. This includes event logs, audit logs, security logs, and access logs along with reporting and alerting.
- [Instructor] Log monitoring is one of the most important…security controls in the modern enterprise,…but it is also one of the most often overlooked.…Now, let's face it,…log monitoring is not an exciting activity.…In fact, it's usually pretty dull.…And, as such, the newest member of any security team…usually draws this short straw.…But log monitoring is incredibly important…because logs often contain critical information…that allows administrators to both detect security breaches…and penetration attempts and conduct analysis of events…that have already taken place.…
I'm going to show you how both Windows…and Linux systems record log entries.…Let's begin with a Windows server.…You can access Windows logs…using a tool called Event Viewer.…When you open the Windows Log folder in Event Viewer,…you see that logs are organized…into several different categories.…We're going to take a look at the Application log,…the Security log, and the System log.…The Application log contains messages…from software running on the server.…
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.
- Using security assessment tools
- Scanning for vulnerabilities
- Threat assessment techniques
- Performing penetration testing
- Reviewing monitor logs
- Performing code reviews
- Performing fuzz testing and misuse case testing
- Analyzing coverage
- Assessing disaster recovery sites and backups
- Testing BC/DR plans
- Collecting security process data and metrics
- Auditing and control management