Unit 7-3 Audit [Compatibility Mode] - 12/19/2010 1 Unit 7:...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 12/19/2010 1 Unit 7: Audit and Intrusion Unit 7: Audit and Intrusion Detection Detection Part 3 Click Here to Start Audio Log Settings Log Settings Viewing Event Logs Viewing Event Logs - Security Security 12/19/2010 2 Viewing Event Logs Viewing Event Logs- Application Application Event Detail Event Detail Viewing Events Viewing Events 12/19/2010 3 Event Log Analysis Event Log Analysis c Numerous Types of Log Events c Distributed Across Many Machines c Must be reviewed, or they are wasted. c Third Party Tools Available (no endorsement) WinAnalysis MonitorWare Audit Event Selection Audit Event Selection (FAU_SEL) (FAU_SEL) c .1 Selective Audit Object Identity Subject Identity event type Attributes Threats Threats - Windows 2000 Windows 2000 - Admin Guide Admin Guide c Logon/Logoff Failure c Logon/Logoff Success c Success for user accesses c Success/Failure for write to program files (e.g .exe) c Password Hack c Stolen Password c Misuse of privilege c Virus Outbreak 12/19/2010...
View Full Document

This note was uploaded on 02/20/2011 for the course TECH 7375 taught by Professor June during the Spring '11 term at University of Arkansas for Medical Sciences.

Page1 / 5

Unit 7-3 Audit [Compatibility Mode] - 12/19/2010 1 Unit 7:...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online