Testing and Monitoring Security Controls

Topics: Information security, Security, Computer security Pages: 3 (588 words) Published: May 8, 2013
Unit 5 Assignment 1
Testing and Monitoring Security Controls

Changes in traffic patterns can be a red flag for different types of suspicious activity. Traffic can change in several ways that point to such activity:
First is an unexpected increase in overall traffic. This may just mean that your web site has been talked about on a popular news site, or it may mean that someone is up to no good. Another is a sudden jump in the number of bad or malformed packets. Some routers collect packet-level statistics; you can also use a software network scanner like Observer or Network Monitor to track them.

Another sign is a large number of packets caught by your router's or firewall's egress filters. Remember that egress filters prevent spoofed packets from leaving your network, so if your filter is catching them you need to identify their source, because that's a clear sign that machines on your network have been compromised. Unscheduled reboots of server machines may sometimes signify that they are compromised as well. You should already be watching the event logs of your servers for failed logons and other security-related events.
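One way to act on the egress-filter point above, as an added example that is not part of the original essay: because the source IP on a spoofed packet is forged, the dropped packets are grouped by ingress interface and sender MAC address instead. The log format, the internal prefix 10.20.0.0/16, the sample lines and the threshold are all assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumption: the only prefix allowed to source outbound traffic.
INTERNAL_NET = ipaddress.ip_network("10.20.0.0/16")

# Constructed sample lines in a made-up key=value format (not a real product's).
SAMPLE_LOG = """\
2013-05-08T10:00:01 EGRESS-DROP in=lan0 smac=00:16:3e:aa:00:01 src=203.0.113.7 dst=198.51.100.9
2013-05-08T10:00:01 EGRESS-DROP in=lan0 smac=00:16:3e:aa:00:01 src=192.0.2.44 dst=198.51.100.9
2013-05-08T10:00:02 EGRESS-DROP in=lan0 smac=00:16:3e:aa:00:02 src=169.254.10.3 dst=198.51.100.9
2013-05-08T10:00:02 EGRESS-DROP in=lan0 smac=00:16:3e:aa:00:01 src=198.51.100.200 dst=198.51.100.9
2013-05-08T10:00:03 EGRESS-DROP in=lan0 smac=00:16:3e:aa:00:03 src=10.20.5.5 dst=198.51.100.9
2013-05-08T10:00:03 EGRESS-DROP in=lan0 smac=00:16:3e:aa:00:01 src=203.0.113.99 dst=198.51.100.9
2013-05-08T10:00:04 EGRESS-DROP in=lan0 smac=00:16:3e:aa:00:04 src=not-an-ip dst=198.51.100.9
"""

LINE_RE = re.compile(
    r"EGRESS-DROP in=(?P<iface>\S+) smac=(?P<smac>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+)"
)


def spoofed_drops_by_sender(log_text, internal_net=INTERNAL_NET):
    """Count drops whose source IP is outside internal_net, keyed by (interface, MAC)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # malformed address field: skip rather than crash
        if src not in internal_net:
            # The source IP is forged, so attribute the packet to the sender's MAC.
            counts[(m["iface"], m["smac"])] += 1
    return counts


def suspects(log_text, threshold=3):
    """Senders with at least `threshold` spoofed-source drops, busiest first."""
    return [k for k, n in spoofed_drops_by_sender(log_text).most_common() if n >= threshold]


if __name__ == "__main__":
    for (iface, mac), n in spoofed_drops_by_sender(SAMPLE_LOG).most_common():
        print(f"{iface} {mac}: {n} spoofed-source drops")
```

The MAC address only identifies the sender when the filter sits on the same layer-2 segment; behind another router, the ingress interface is the usable key.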

Log files contain complete records of all security events (logon events, resource access, attempted violations of policy, and changes in system configuration or policies) and critical system events (service/daemon start/stop, errors generated, system warnings) that can allow an administrator to quickly discover the root cause of any issues.

When remote users do not have recent patches or updates, the system administrator should set up group policies, such as forcing updates to install right away, rather than having the users restart the systems themselves. This avoids squandering the company's and the users' time while at the same time safeguarding what goes in and out of the network.

Removable storage drives introduce malware filtered only when crossing...