Question
Assuming that your group is a team of IT auditors who have just got an assignment to audit information logging of servers of a company.
Assuming that your group is a team of IT auditors who have just got an assignment to audit information logging of servers of a company. You have known that logs are important for information systems operation and security because logs can be used to detect unauthorized access, identify unfavorable trend, and provide data for determining the root cause of system failures. Your supervisor asked you to (1) find out what system activities are to be logged according to commonly used policies or standards. (Hint: Use the internet to search for commonly used policies of standards. Then, list the system activities in you answer. The source of the list should be included in your answer.) (2) verify whether the company maintains all those necessary logs defined in (1). (Hint: Describe the audit procedure(s) you will use to accomplish this task) (3) find out what are necessary elements of system log, such as user id. (4) examine whether the system logs actually include necessary elements (Hint: Describe the audit procedure(s) you will use to accomplish this task) (5) verify whether these logs are regularly reviewed (Hint: Describe the audit procedure(s) you will use to accomplish this task)
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started