Join Lisa Bock for an in-depth discussion in this video, Saving and securing audit files, part of IT Security Foundations: Operating System Security (2015).
- Auditing and logging is done for a variety of reasons. An organization's requirements and due diligence will dictate the logging schedule. However, there may be compliance and regulatory requirements for maintaining log events, such as Sarbanes-Oxley, Gramm-Leach-Bliley, and HIPAA, which can place an increased burden of proof that they are protecting their information systems. Reviewing log files many times is reactive, not proactive.
That means someone might check a log file after an event, as log files are often the only record of suspicious behavior. Many automated tools are available, however, log file analysis should be a part of a daily routine, even if it is a spot check of essential events, or when suspicious or unusual activity has been identified. Logging can take up considerable space, so administrators should closely monitor the size of the log files so that the files do not fill up assigned space and possibly overwrite data.
If the log files are filling up too quickly or are too large, adjusting settings may be necessary,…
Note: This training maps to a number of the exam topics on the Microsoft Technology Associate (MTA) Security Fundamentals exam (98-367). See https://www.microsoft.com/learning/en-us/exam-98-367.aspx for more information.
- Apply security principles to create a strong password.
- Define RADIUS.
- Describe how permissions work.
- Review how to save and secure audit files.
- Explain hardening, updates, and patches.
- Identify ways to protect the email server.