Unit 5 testing and monitoring security controls
Two popular types of security events that might indicate suspicious activity are authentication failures and unauthorized access attempts. Most of the time these occur when a device denies a connection or an incorrect password is entered. Some system administrators set up alerts to let them know when ...
Many secure systems may also lock an account that has had too many failed login attempts. When it comes to baseline anomalies that might indicate suspicious activity, two examples are network abuse and employees downloading unauthorized material. That is why there are many policies for monitoring network abuse and employee downloading of unauthorized material.
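The failed-login alerting and account lockout described above can be expressed as a sliding-window count per account. The following is an added example, not part of the original essay; the log format, the threshold of 5 failures, the 10-minute window, and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 5                     # assumed policy: 5 failures...
WINDOW = timedelta(minutes=10)    # ...within 10 minutes triggers a lockout

# Constructed sample events (timestamp, result, account, source); not real logs.
SAMPLE_LOG = """\
2024-05-01T09:00:05 FAIL alice 10.0.0.5
2024-05-01T09:00:09 FAIL alice 10.0.0.5
2024-05-01T09:00:20 OK alice 10.0.0.5
2024-05-01T09:01:00 FAIL bob 10.0.0.9
2024-05-01T09:01:10 FAIL bob 10.0.0.9
2024-05-01T09:01:20 FAIL bob 10.0.0.9
2024-05-01T09:01:30 FAIL bob 10.0.0.9
2024-05-01T09:01:40 FAIL bob 10.0.0.9
2024-05-01T09:01:50 FAIL bob 10.0.0.9
2024-05-01T09:30:00 FAIL carol 10.0.0.7
2024-05-01T09:45:00 FAIL carol 10.0.0.7
malformed line
"""

def find_lockouts(log_text, threshold=THRESHOLD, window=WINDOW):
    """Return [(account, time_of_lockout, source)] for accounts that hit the threshold."""
    recent = defaultdict(deque)   # account -> timestamps of recent failures
    locked = {}                   # account -> (time, source) when the threshold was hit
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[1] not in ("OK", "FAIL"):
            continue              # skip lines that do not match the assumed format
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue              # skip lines with an unparseable timestamp
        _, result, account, source = parts
        if account in locked:
            continue              # already locked: later attempts change nothing
        if result == "OK":
            recent[account].clear()   # a successful login resets the failure count
            continue
        failures = recent[account]
        failures.append(ts)
        while ts - failures[0] > window:   # drop failures older than the window
            failures.popleft()
        if len(failures) >= threshold:
            locked[account] = (ts, source)
    return [(a, t.isoformat(), s) for a, (t, s) in locked.items()]

if __name__ == "__main__":
    for account, when, source in find_lockouts(SAMPLE_LOG):
        print(f"ALERT: lock {account} at {when} (last source {source})")
```

On the sample data only `bob` is flagged: `alice`'s successful login resets her count, and `carol`'s two failures fall outside the same window.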
-Predictable passwords meet minimum length requirements but remain easily guessable.
The solution to this problem is simple. You set a password guideline for your employees that requires each password to contain a set number of characters and numbers, and the passwords have to be changed every 30 days.
-Sensitive laptop data is unencrypted and susceptible to physical theft.
The solution to this problem is to encrypt all files, drives, and sensitive information so that if the data falls into the wrong hands, they will not be able to destroy it.
-A user made unauthorized use of network resources by attacking network entities.
Monitor the logs and fire the user so any other suspicious activity will be caught.