Question

The devices designed for the purpose of addressing security in the network generate a number of logs during the continuous monitoring of the network. Discuss in detail the different types of logs created and how the security professional can use this information for analysing security in the network.

Homework Answers

Answer #1

The different types of logs created and how the security professional can use this information for analysing security in the network --

  • Networks, computers and IT systems generate records called logs that document system activity.
  • The log files contain critical business information such as user performance, file creation and modification times, user access and adjustment.
  • Log files include authentication logs, system logs and audit logs, and intrusion detection system and intrusion prevention system logs.
  • Logs are composed of log entries, and each entry contains information which is related to a specific event that has occurred in the network or system. The logs in the organization contain records which are related to computer security.
  • Intrusion time, attack patterns and servers can be identified, traced and analyzed using these log files.
  • Log files are generated by web servers, computing devices and applications.

Types of Logs --

  • There are four top types of log data which the IT team should follow, monitor and manage regularly --
  • 1.) Failed login attempts -- If a user fails to log in, it can be a red flag that something is wrong, and failed login attempts occur most of the time.
  • If you notice many failed login attempts, this can be an indication that an attacker is trying to break into the system.
  • 2.) Firewall and intrusion detection devices -- The logs from security tools like firewalls and intrusion detection devices can contain data on security in the organization.
  • The firewall is the first wall of security from outside threats.
  • 3.) Switches and Routers -- All the basic network devices provide log data. You need to identify the chain of data through your organization, through the firewall, from servers, switches and routers.
  • 4.) Application Logs -- Application logs contain robust log capabilities, and some use the application log section of Windows.
  • For example -- if medical data which is already protected is going through an application, then the app logs will show the same things that the Windows logs will show.