Auditing, Monitoring and Intrusion Detection

Operational security requires ongoing review of an operational system to verify that system security controls are operating correctly and effectively. Consistent auditing and monitoring achieve this, and both rely on accountability.

Auditing and Audit Trails: Effective auditing is reliant on accountability, which is managed by logging the activities of users and system services that maintain the operating environment and the security mechanisms. If a user’s actions can’t be verified, that individual cannot be held accountable for a specific action, which renders auditing ineffective because security policies cannot be enforced.

Logging can help retrace actions and events, provide evidence for prosecution, and run problem reports and analysis. The process of analyzing logs is called auditing and is an inherent function of an operating system.

Audit trails are created by logging security incidents. An audit trail is a running file of records that provides documentary evidence of user actions. Trails may isolate specific events or contain all of the activities on a system. An audit trail can be used as a tool to identify whether a user has violated security policies. It allows a security administrator to monitor user activity over time, and includes information about additions, omissions, or alterations to the data within a system. Audit trails are not protective controls, as they are usually examined after the event.
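The following Python example is added here for illustration and is not part of the original page. It reviews a constructed audit trail after the event, counts each verified user's additions, deletions and alterations, and sets aside records that cannot support accountability; the record format and field names (`user`, `verified`, `action`, `object`) are assumptions.

```python
import re
from collections import Counter, defaultdict

# Constructed sample trail (not from any real system). Assumed record format:
#   <timestamp> user=<id or -> verified=<yes|no> action=<add|delete|alter|read> object=<name>
SAMPLE_TRAIL = """\
2024-03-01T09:12:03Z user=alice verified=yes action=add object=payroll/emp-104
2024-03-01T09:15:40Z user=bob verified=yes action=read object=payroll/emp-104
2024-03-01T23:47:19Z user=- verified=no action=alter object=payroll/emp-104
2024-03-02T02:05:51Z user=bob verified=yes action=delete object=payroll/emp-099
2024-03-02T02:06:10Z user=bob verified=yes action=alter object=payroll/emp-104
this line is corrupted and cannot be parsed
"""

RECORD = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) verified=(?P<verified>yes|no) "
    r"action=(?P<action>add|delete|alter|read) object=(?P<object>\S+)$"
)
DATA_CHANGES = {"add", "delete", "alter"}  # additions, omissions, alterations


def review_trail(text):
    """Return (per-user change counts, unaccountable records, unparsable lines)."""
    changes = defaultdict(Counter)
    unaccountable, unparsable = [], []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        m = RECORD.match(line)
        if m is None:
            # A record that cannot be read cannot serve as evidence.
            unparsable.append(lineno)
            continue
        rec = m.groupdict()
        if rec["user"] == "-" or rec["verified"] == "no":
            # No verified identity: nobody can be held accountable for this action.
            unaccountable.append((lineno, rec["action"], rec["object"]))
            continue
        if rec["action"] in DATA_CHANGES:
            changes[rec["user"]][rec["action"]] += 1
    return dict(changes), unaccountable, unparsable


if __name__ == "__main__":
    changes, unaccountable, unparsable = review_trail(SAMPLE_TRAIL)
    for user, counts in sorted(changes.items()):
        print(user, dict(counts))
    print("unaccountable:", unaccountable)
    print("unparsable lines:", unparsable)
```

The unverified alteration on line 3 of the sample is the case the text describes: the change is recorded, but no individual can be held accountable for it.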

Monitoring: System monitoring is critical to all of the domains of information security.

The main purpose of monitoring is…

