Auditing Flashcards

1
Q

What is Logging?

A

Logging is the process of generating log entries. Logging defines what generates entries,
where they are written to, and how they are retained or rotated. It’s is the task of recording data about events that take place on a system. The active recording of any information is logging.
Uses:
- Used to record program events for debugging
- System level events for maintenance or security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is Auditing?

A

Auditing is the process of reviewing the records for a given period. auditing logs involves taking an initial event (usually an indicator of compromise) and reviewing every log entry generated withing a specified amount of time before and after the initial event. It’s the inspection of information to determine actions, whether it’s for answering questions or to verify the state of a system.
Uses:
- Review and analysis of logs
- Answer the who, what and when questions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Monitoring?

A

Monitoring is the continuous real-time or near real-time analysis of log events as they are
recorded. Usually automated using a Security Event Information
Management (SEIM) system, which would allow for rapid detection of
potential incident.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly