CYB 205 Wk 4 – Apply: Signature Assignment: Audit Logs

0 items
CYB 205 Wk 4 - Apply: Signature Assignment: Audit Logs
CYB 205 Wk 4 – Apply: Signature Assignment: Audit Logs
$9.00
Go to the store page
  • Description

CYB 205 Wk 4 – Apply: Signature Assignment: Audit Logs

At the end of the lab, you will be asked to respond to the following in a 2- to 2.5-page response at the end of your Microsoft Word document:

 

Describe what information was contained in the logs and what value they might have in a security investigation.

 

Address the following in your response:

  • Think about the challenges of getting all the Active Directory audit policy settings right. For an infrastructure administrator, how important are these types of settings?

  • What are the risks associated with logging too little data or not auditing the correct events?

  • What are the risks associated with logging too many events?

  • When the default configuration is to create audit logs, what impact can this have on security incident investigations?

  • This was just a single domain with 2 systems on a local LAN. How much more complicated would auditing and log management be for 100 computers? What about an enterprise with 10,000 computers in several domains on their LAN/WAN?

  • Considera cloud-hosted Infrastructure as a Service (IaaS) environment with many new, Internet-accessible systems regularly being built and brought online. What challenges might there be managing audit policies and logs in such an environment?

 

Finally, conclude this week’s assignment with a page explaining how the tools and processes demonstrated in the labs might be used by an infrastructure administrator to help secure an environment.

 

Submit your assignment.