Chapter 18. Auditing

Ask someone in IT what auditing is, and you may be told that it's running a vulnerability scanner from outside your network to assess its security weaknesses, configuring the audit policy on the Windows Server 2003 computer so that it records security events, or even performing a penetration test (pen test) from outside your network. IT auditors, on the other hand, may view auditing as checking the security configuration of systems and the exercise of IT operations against your organization's security policy and against legislative requirements to determine if IT systems are in compliance.

Both viewpoints are correct but don't go far enough. Auditing is a process that improves security not just because it finds known vulnerabilities ...
