Lesson 8 | Auditing strategy. |
Objective | How do I plan an auditing strategy? |
Auditing the overall Security Plan
Auditing is an important aspect of an overall security plan.
Most modern systems can record all their activity in log files. These logs enable you to determine the effectiveness of your security implementation.
Through these activity logs, you can usually determine if an unallowable activity occurred and how it was able to occur.
Logging activity
Information about who has logged on, when, and for how long should be investigated for
- System access during non-business hours
- Long periods of log in time for users with mid- to high-level access rights
- Anytime log off would be expected, such as when a user is on vacation
Sorting log information