O'Reilly logo

ISO27001 in a Windows® Environment: The best practice handbook for a Microsoft® Windows® environment, Second Edition by Brian Honan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 10. Auditing and Monitoring

Microsoft® Windows Server® 2008 provides a comprehensive range of auditing and logging features. If configured correctly, these features will enable you to trace all user activity on your systems in the event you need to investigate technical or security incidents.

The following sections outline some recommendations on how best to audit your Windows Server® 2008 environment.

The recommendations below are based on the guides provided by Microsoft, The Center for Internet Security, The SANS Institute and the US National Institute of Standards and Technology. Please refer to Appendix 2 for more details on these resources.

Table 52. Configuring registry auditing

Parameter

Settings

%SystemDrive%

Failures

HKLM\Software

Failures ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required