Skip to Main Content
Information Security Policy Development for Compliance
book

Information Security Policy Development for Compliance

by Barry L. Williams
April 2016
Intermediate to advanced content levelIntermediate to advanced
152 pages
4h 9m
English
Auerbach Publications
Content preview from Information Security Policy Development for Compliance
132
InformatIon SecurIty PolIcy DeveloPment for comPlIance
10.5.4 Write logs for external-facing technologies onto a log
server on the internal LAN.
10.5.5 Use le-integrity monitoring or change-detection
software on logs to ensure that existing log data cannot be
changed without generating alerts (although new data being
added should not cause an alert).
10.6
Revi
ew logs for all system components at least daily. Log reviews
must include those servers that perform security functions like
intrusion-detection system (IDS) and authentication, authorization,
and accounting (AAA) protocol servers (for example, RADIUS).
Note: Log harvesting, parsing, and alerting tools may be used to meet
comp
liance with Requirement ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Writing Information Security Policies

Writing Information Security Policies

Scott Barman

Publisher Resources

ISBN: 9781466580589