4.6. Execute proper logging procedures and evaluate the results.
The key aspect of this issue is understanding that auditing is the primary means by which security violations are discovered. Through the use of a system's auditing capabilities, audit trails or logs are created. Audit trails enable auditors or administrators to detect when security violating activities have occurred and may assist in understanding how such a violation was allowed to occur.
NOTE
For more information on this topic, see Chapter 3 of the CompTIA Security+ Study Guide, 4th Edition (Sybex, November 2008).
Auditing is the process of recording information about various online, electronic, digital events between subjects and objects. It's often synonymous with logging ...
Get CompTIA Security+™: Review Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
