CS459/559 - Network Security - Chapter 9 Security Audits

1. The Usefulness of an Audit
   
   • Useful for troubleshooting
   • can protect against viral attacks (ensure that executables don't change between audits)
   • ensures that no pirated software exists on system
   • tracks how many copies of software have been puchased (and how many are being used)
2. Network Auditing Tools
   
   • NT Event Log Files
   • UNIX?
   • Netware?
3. The Auditing Process Document auditing process in the security policy
   • Human Relations Factors
   • Security Drills
   • Testing
     • test all aspects of the security policy
     • all tests should be comprehensive
   • Audit Steps
     1. Review the system being audited
     2. Examine the overall environment in which the security system is operating; identify techniques used to control this environment
     3. Determine the effectiveness of each component of the security system.
     4. Assess the total security system.
     5. Document and illustrate the findings
   • Assess Management
     • Is the company buying more software than necessary?
     • What are the terms of the software license?
     • Which individuals in your company need to use which software products?
     • Has the company been buying software for employees who do not use it?
     Types of asset managemnt
     • Inventory
     • Metering
     • Distribution