USING OF LOGS FOR IT SECURITY ASSESSEMENT
Supp/2008 , p661..671
Author(s):
Floarea NĂSTASE
Pavel NĂSTASE
Keywords:
Log, web proxy, firewall, event, vulnerability
Abstract:
In this paper we try to analyze the logs management as a part off computer security management in order to deliver evidences necessary in IS auditing.Today, logs serve many functions within most organizations, such as optimizing system and network performance, recording the actions of users, and providing data useful for investigating malicious activity. Many logs contain records related to computer security (hardware, software). Security software is a major source of computer security log data. Common types of security software include the following: antivirus software, intrusion detection and intrusion prevention systems, remote access, agent proxies, vulnerability management software, authentication servers etc. Log management is essential to ensuring that computer security records are stored in sufficient detail for an appropriate period of time. Logs can also be useful for performing auditing and forensic analysis, supporting the organization’s internal investigations, establishing baselines, and identifying operational trends and long-term problems. Organizations may store and analyze certain logs for compliance with key regulations, guidelines and standards.
Download:
Back
|
|