This preview shows pages 1–3. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: 12/19/2010 1 Unit 7: Audit and Intrusion Unit 7: Audit and Intrusion Detection Detection Part 1 Click Here to Start Audio Audit Control Objectives Audit Control Objectives - TCSEC TCSEC c TCSEC - Required at C2 and above. c access and evaluate accountability information by a secure means, within a reasonable amount of time, without undue difficulty. c provide authorized personnel with the ability to audit any action that can potentially cause access to, generation of, or effect the release of classified or sensitive information. Audit Systems Audit Systems c Audit Trail - A list of events that might contain records of security violations. c Two Categories of Use Forensics: Detecting extent and responsibility of damage after an attack. Intrusion Detection: Detecting an ongoing attack. 12/19/2010 2 Anatomy of an Auditing Anatomy of an Auditing System System - Chapter 24 Chapter 24 Logger Analyzer Notifier Sanitizer Audit Considerations Audit Considerations 1) Is benefit of collecting information...
View Full Document
- Spring '11