Audit and trace log management : consolidation and analysis, Phillip Q. Maier, (electronic book)

Label
Audit and trace log management : consolidation and analysis
Title
Audit and trace log management
Title remainder
consolidation and analysis
Statement of responsibility
Phillip Q. Maier
Language
eng
Summary
  • Introduction to Audit Logging
  • The "Why" of Consolidated Audit Logging
  • Taking Stock, What Is in Place Today
      • What Forms or Levels of Logging Do You Currently Perform on This Device?
      • What Is the Volume, Amount of Data Collected in One 24-Hour Period?
      • What Is Your Retention Period; That Is, How Long Do You Keep Retrievable Logs?
      • What Are the Formats for This Retention? 30 Days Online, 30 Days Tape, 3 Months CD?
      • What Is the "Write per Second" Timeframe? How Many Records per Second Are Generated and Logged?
      • Where Are the Logs Stored Today (Locally on the Box, Locally on a Nearby Server, or Remotely)?
      • If Stored Externally, How Are They Transported to the External Store (Syslog, FTP, Other)?
      • Is There a Separate Physical Interface over Which the Logs Are Distributed Out of the Box?
      • What Are the Access Control Mechanisms over Access to the Stored Logs?
      • Who Reviews the Logs? At What Frequency?
      • What Is the Data Classification of This Log Data (Company Secret, Confidential, Internal Use)?
      • Is There a Log Reporting System? How Are the Logs Accessed and Viewed?
      • How Many People in the Organization Are Required to Have Access to These Logs?
      • What Is the Nature of the Reviews: Are Keywords Searched, Summaries, or Just High-Level Eyeing of the Log Data?
      • Are There Additional Log Review, Storage, or Analysis Capabilities That You Would Like to Have over This Log Data? If So, What Are They?
      • The Completed Survey
  • Deciding What to Capture and How to Do It
      • Requirements Gathering for Whole Log Capture
      • The Normalization Process
  • Setting Up Correlation Rules, Putting Your Assembled Infrastructure to Work
  • Security Event Management, Generating Reports from Your System
      • Security Event and Incident Management and Reporting
      • Security Alert Management (SAM)
  • Setting Security Alert Levels and Escalation Processes
      • Security Operations Center (SOC) Reporting
      • The Escalation Process
      • Level 1 Alerts
      • Management Reporting
  • Pulling It All Together and Making Your Case
      • Justifying Your System for Forensic Analysis
      • Gaining Buy-In for Your System
      • Future Implementation Strategies and Value-Added Components
Cataloging source
AU-PeEL
http://library.link/vocab/creatorName
Maier, Phillip Q
Dewey number
005.8
LC call number
TK5105.59 .M384 2006
Nature of contents
dictionaries
http://library.link/vocab/subjectName
  • Computer networks
  • Application logging (Computer science)
  • Computer Communication Networks
  • Computer security
Label
Audit and trace log management : consolidation and analysis, Phillip Q. Maier, (electronic book)
Instantiates
Publication
Note
Description based upon print version of record
Contents
Front Cover; Contents; Foreword; Acknowledgments; The Author; 1. Introduction to Audit Logging; 2. The "Why" of Consolidated Audit Logging; 3. Taking Stock, What Is in Place Today; 4. Deciding What to Capture and How to Do It; 5. Setting Up Correlation Rules, Putting Your Assembled Infrastructure to Work; 6. Security Event Management, Generating Reports from Your System; 7. Setting Security Alert Levels and Escalation Processes; 8. Pulling It All Together and Making Your Case; Index
Control code
PURCH EBC198964
Dimensions
unknown
Extent
1 online resource (187 p.)
Form of item
electronic
Governing access note
There is no limit to the number of simultaneous users, but there is a limit of 325 uses (cumulative across all users) in each 12-month period from the date of purchase. Library staff are alerted when the remaining number of uses is low and will decide whether to buy another copy. Printing is restricted to 20% of the total pages of the ebook, per patron. Copying and pasting is restricted to 5% of the total pages of the ebook, per person. However, printing and copy-and-paste permissions in excess of this may be granted by some publishers.
Isbn
9780849327254
Specific material designation
remote