18 Dec 2022

Information Logging Standard

Overview 

Logs from systems, applications and organizational services can provide critical information and offer indicators of system compromise. Log information may not be viewed on a daily basis. Nonetheless, it is valuable to have this process in place from a forensics standpoint.

Purpose 

This document serves as a policy that addresses user data logging by identifying the requirements that the systems in use must meet, thereby facilitating audit logs and their integration with a log management function. This policy will be adopted for use at X organization. In this way, X organization will ensure that new systems support logging activities, including audits and managerial functions. This document covers all production systems located in X organization.

Standard Log 

Requirements

All systems that handle private information, have network access and provide access control shall record and maintain, for a period of time, audit logging information that can answer the following questions: (i) what activities were performed? (ii) who performed the activity and on what station? (iii) what activity was performed on the system? (iv) when was the activity performed? (v) what tools effected the activity? and (vi) what was the status of the activity?

Log activities

Logs shall be created when the following activities are requested on the system:

Creating, reading, updating or deleting confidential information such as passwords.

Creating any information not stated above.

Initiating and accepting a network connection.

Authentication activities such as log in and log out.

Granting, modifying or revoking user privileges.

System changes.

Application start-up and shut-down.

Detection of malicious activities.

Elements of the Log Activity

The following elements shall be collected for each logged activity as descriptive log data:

Type of action.

Subsystem that is performing the action.

Identifier data – this may include user name, log times, IP address, Mac Name among other forms of information that can more accurately describe the activity.

Identifiers on system actions – these include accessed files, query parameters among other forms of data regarding the activity engaged in.

Before and after values which were generated in the course of the activity.

Access control on the activity in question.

Description of access control – reasons behind access restrictions.
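As an added illustration (not part of the original essay and not X organization's own tooling), the following Python example audits JSON log lines against the elements listed above and reports which ones each record lacks. The field names, the `CHANGE_ACTIONS` set and the sample lines are assumptions constructed for this example; the standard names the elements but defines no schema.

```python
import json

# Field names are assumptions for this example; the standard defines no schema.
REQUIRED = {
    "action": "type of action",
    "subsystem": "subsystem performing the action",
    "actor": "identifier data (user, IP address)",
    "timestamp": "when the activity was performed",
    "target": "identifiers on system actions",
    "status": "status of the activity",
    "access_decision": "access control on the activity",
}
# Assumed action names for which before/after values are expected.
CHANGE_ACTIONS = {"create", "update", "delete", "privilege_change", "system_change"}

def missing_elements(record):
    """Return descriptions of the standard's elements absent from one record."""
    gaps = [desc for key, desc in REQUIRED.items() if not record.get(key)]
    if record.get("action") in CHANGE_ACTIONS and not {"before", "after"} <= record.keys():
        gaps.append("before and after values")
    if record.get("access_decision") == "deny" and not record.get("access_reason"):
        gaps.append("description of access control")
    return gaps

def audit(lines):
    """Map 1-based line number -> missing elements, for non-compliant lines only."""
    findings = {}
    for n, line in enumerate(lines, 1):
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            record = None
        gaps = missing_elements(record) if isinstance(record, dict) else ["unparseable record"]
        if gaps:
            findings[n] = gaps
    return findings

# Constructed sample log lines (not real data).
SAMPLE = [
    '{"action":"login","subsystem":"sshd","actor":{"user":"alice","ip":"192.0.2.10"},"timestamp":"2022-12-18T09:00:00Z","target":"host01","status":"success","access_decision":"allow"}',
    '{"action":"privilege_change","subsystem":"iam","actor":{"user":"bob","ip":"192.0.2.11"},"timestamp":"2022-12-18T09:05:00Z","target":"user:carol","status":"success","access_decision":"allow"}',
    '{"action":"read","subsystem":"hr-db","actor":{"user":"dave","ip":"192.0.2.12"},"target":"table:salaries","status":"failure","access_decision":"deny"}',
    'Dec 18 09:10:01 host01 app started',
]

if __name__ == "__main__":
    for n, gaps in audit(SAMPLE).items():
        print(f"line {n}: missing {', '.join(gaps)}")
```

Free-text lines such as the fourth sample are reported as unparseable, since none of the required elements can be checked in them.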

Log Formatting

Formatting of data logs shall be performed by a third-party agent that will ensure integrity of logs destroyed and that can also support enterprise-based log management through analysis and reporting.

Policy Compliance 

Compliance shall be verified by the Info Sec Team through various methods, which include walk-throughs, business tool reports, audits, feedback to the owners and video monitoring. Any and all exceptions to this policy shall be approved by the Info Sec Team in writing, prior to issuance of the exception. Employees found to be in violation of this policy will be subject to disciplinary action, including termination and referral to the relevant authorities.

Reference

StudyBounty. (2023, September 15). Information Logging Standard.
https://studybounty.com/information-logging-standard-essay
