Logging is an important security activity designed to assist with protecting an organization. Why is logging necessary? How and when should an audit of logs be completed? What information does the per

Hello Friends,

From a security point of view, the purpose of a log is to act as a red flag when something bad is happening. Reviewing logs regularly can help identify malicious attacks on your system. Log files are an excellent source of information, but only if you actually review them. Logging helps in looking for anomalies and errors.

Log audits should be scheduled according to the needs of the organization. Few regulations specify that logs must be audited at least once per year, but completing the audit yearly is a good baseline. First of all, you should understand which fields to audit when an event happens. Before deciding what level of auditing is necessary, you should conduct a risk assessment for every system or application. Logging and auditing work together to ensure users are only performing the activities they are authorized to perform, and they play a key role in preventing, as well as in spotting, tracking and stopping undesirable or inappropriate activities (Cobb, 2011).

The person auditing the logs looks for: user IDs; date and time of login and logout; successful and failed attempts to access systems; successful and failed attempts to access data; files accessed; networks accessed; changes to system configurations; use of system utilities; and other security-related events, such as alarms triggered (Cobb, 2011).

Security policy:

  1. Purpose of auditing logs

     1. The main objective of auditing logs is to detect errors and fraud, and to prevent errors and fraud.

     2. Log auditing is routinely done by the employees of an organization to check whether they meet all the essential regulations and to check whether there are any threats to the organization's security and compliance.

  2. Who is responsible for logging

     1. The people who are responsible for logging, or who have the credentials to do it, are information system managers, system administrators, and sometimes external or third-party auditors.

     2. Logging should be done frequently, based on company policy and requirements.

  3. Logging best practices

     1. Use a tool to monitor logs effectively, so that security issues are identified and alerted on.

     2. Collect and aggregate logs on a central platform, where they can be analyzed more effectively.

     3. Compare potential threats to a database of known threats and respond to them.
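To make the review fields and the best practices above concrete, here is a small log-review script. It is an added example written for this post, not code from the original post or from Cobb's article. It assumes a simplified, constructed log format (timestamp, user ID, event type, outcome, source address, optional target) and a constructed list of known-bad source addresses standing in for a threat database; it aggregates the events in one place, flags bursts of failed logins, flags activity from known-bad sources, and lists configuration changes, which are exactly the kinds of entries an auditor is told to look for.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not from any real system). Format:
# "<ISO timestamp> <user id> <event> <success|failure> <source ip> [target]"
SAMPLE_LOG = """\
2024-03-01T08:02:11 alice LOGIN success 10.0.0.5
2024-03-01T08:02:40 bob LOGIN failure 10.0.0.9
2024-03-01T08:02:45 bob LOGIN failure 10.0.0.9
2024-03-01T08:02:49 bob LOGIN failure 10.0.0.9
2024-03-01T08:02:53 bob LOGIN failure 10.0.0.9
2024-03-01T08:02:58 bob LOGIN failure 10.0.0.9
2024-03-01T08:03:02 bob LOGIN success 10.0.0.9
2024-03-01T09:15:00 alice FILE_ACCESS success 10.0.0.5 /finance/q1.xlsx
2024-03-01T09:16:30 carol CONFIG_CHANGE success 10.0.0.7 sshd_config
2024-03-01T23:40:12 alice LOGIN success 198.51.100.23
2024-03-01T23:41:00 alice FILE_ACCESS failure 198.51.100.23 /hr/salaries.csv
"""

# Constructed stand-in for a "database of known threats" (assumption).
KNOWN_BAD_SOURCES = {"198.51.100.23"}

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (success|failure) (\S+)(?: (\S+))?$")


def parse_log(text):
    """Turn raw lines into event dicts; malformed lines are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts, user, event, outcome, source, target = m.groups()
        events.append({
            "time": datetime.fromisoformat(ts),
            "user": user,
            "event": event,
            "outcome": outcome,
            "source": source,
            "target": target,
        })
    return events


def find_failed_login_bursts(events, threshold=5, window=timedelta(minutes=1)):
    """Report users with at least `threshold` failed logins inside `window`."""
    findings = []
    by_user = defaultdict(list)
    for e in events:
        if e["event"] == "LOGIN" and e["outcome"] == "failure":
            by_user[e["user"]].append(e["time"])
    for user, times in by_user.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            # Slide the window start forward until the span fits in `window`.
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                findings.append((user, times[start], times[end], end - start + 1))
                break  # one finding per user is enough for the review
    return findings


def find_known_bad_sources(events, bad_sources):
    """Any activity from an address in the known-threat list is reportable."""
    return [(e["user"], e["event"], e["source"])
            for e in events if e["source"] in bad_sources]


def find_config_changes(events):
    """Configuration changes are always worth a second look during an audit."""
    return [(e["user"], e["target"]) for e in events if e["event"] == "CONFIG_CHANGE"]


def review(text, bad_sources=KNOWN_BAD_SOURCES):
    """Aggregate the log once, then run each check over the same event list."""
    events = parse_log(text)
    return {
        "total_events": len(events),
        "failed_login_bursts": find_failed_login_bursts(events),
        "known_bad_sources": find_known_bad_sources(events, bad_sources),
        "config_changes": find_config_changes(events),
    }


if __name__ == "__main__":
    for key, value in review(SAMPLE_LOG).items():
        print(key, value)
```

On the constructed sample the script reports one burst (five failures for bob within 18 seconds, followed by a success, which is the pattern worth escalating), two events from the known-bad address, and one configuration change by carol. The thresholds and the threat list are assumptions chosen for the example; in practice they would come from the organization's own risk assessment and threat feed.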


References

Cobb, M. (2011, August 8). Best practices for audit, log review for IT security investigations. ComputerWeekly. Retrieved from https://www.computerweekly.com/tip/Best-practices-for-audit-log-review-for-IT-security-investigations