
SSCP Auditing and Monitoring


Why does security tend to deteriorate during operations?
users find ways to circumvent security
What two methods are used to maintain operational assurance?
system audits and monitoring
Why is time synchronization across systems important for auditing?
in order to reconstruct events during an audit
What are the four steps to set up an audit trail?
check the mechanisms needed; write a rule set matrix; turn on exception logs; turn on violation logs
What are the nine phases in a typical audit?
review security policies; develop a security matrix; review existing security information; review audit capacity and use; check patches and updates; run analysis tools and check for vulnerabilities; correlate all information; write a report; and make recommendations
What are the four types of audit tools?
discovery tools; documentation tools; audit reduction tools; and analysis tools
What are the three types of monitoring?
network monitoring, security monitoring, and keystroke monitoring
What are the four phases of incident response?
preparation, detection, handling, and post-incident response
What sort of activities are covered by the preparation phase of incident response?
establishing and training a response team, acquiring tools, and performing risk analysis
What phase of incident response is usually the most difficult?
