Describe what information was contained in the logs and what value they might have in a security investigation.


User ID – identifies an account user responsible for a certain activity.

Files and networks accessed – describes the extent to which the system data was manipulated.

Event ID – uniquely identifies each event in the logs.

Think about the challenges of getting all the Active Directory audit policy settings right. For an infrastructure administrator, how important are these types of settings?

Active Directory audit policy settings are essential in detecting suspicious activities. If you actively audit your Active Directory environment, there’s a high chance you will be notified of suspicious activity prior to a malicious attack. Active Directory audit policy also helps to provide system status. Dynamic monitoring of system health provides real-time alerting so you can take action before anyone notices.

What are the risks associated with logging too little data or not auditing the correct events?

The insufficient logging and monitoring vulnerability occurs when security-critical events are not properly logged and the system is not monitored. Insufficient logging leads to companies failing to deal with security breaches like hacking. Without monitoring, attackers may walk away undetected, leading to continued breaches and significant losses.

What are the risks associated with logging too many events?

Logging too many events slows down a system’s performance, including that of the configuration settings that protect the system against security breaches. In addition, logging too many events results in redundancy: junk files and data that are not useful are kept, unnecessary storage is consumed, and auditing becomes difficult.

When the default configuration is to create audit logs, what impact can this have on security incident investigations?

The audit directory has a set of prearranged security settings set by Microsoft. These security settings may not be suitable for a specific company’s requirements. In addition, these security settings are well understood by hackers who will attempt to exploit gaps and vulnerabilities (Desmond et al., 2008).

This was just a single domain with two operations on a local LAN. How much more complicated would auditing and log management be for 100 computers? What about an enterprise with 10,000 computers in several domains on their LAN/WAN?

For 100 computers, a known attacker can be allowed in network assessment to help identify traffic from known blacklisted sources. Determining possible outbreaks is also essential in managing audit and log activities. For 10,000 computers, it is crucial for management to incorporate “repeat attack-multiple detection sources” to be able to identify hosts that may be infected and deal with the infection as soon as possible. This kind of system can also implement real-time fraud detection that narrows down the scope of audit and execution.
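
The “repeat attack-multiple detection sources” idea above, shown as an added example that is not part of the original answer: a host is flagged only when several independent detection sources report it within a short window. The alert tuples, source names, host names and the 15-minute window are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample alerts: (timestamp, detection source, domain, host).
ALERTS = [
    ("2024-05-01T09:00:05", "ids", "CORP", "ws-0142"),
    ("2024-05-01T09:03:40", "antivirus", "CORP", "ws-0142"),
    ("2024-05-01T09:07:12", "firewall", "CORP", "ws-0142"),
    ("2024-05-01T09:10:00", "ids", "CORP", "ws-0977"),
    ("2024-05-01T09:11:30", "ids", "CORP", "ws-0977"),
    ("2024-05-01T09:15:00", "antivirus", "BRANCH", "srv-0031"),
    ("2024-05-01T13:45:00", "firewall", "BRANCH", "srv-0031"),
]


def hosts_flagged_by_multiple_sources(alerts, window=timedelta(minutes=15),
                                      min_sources=2):
    """Return {(domain, host): sorted sources} for hosts that at least
    min_sources distinct detection sources reported inside one window."""
    per_host = defaultdict(list)
    for ts, source, domain, host in alerts:
        per_host[(domain, host)].append((datetime.fromisoformat(ts), source))

    flagged = {}
    for key, events in per_host.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the left edge forward until the span fits the window.
            while events[end][0] - events[start][0] > window:
                start += 1
            sources = {src for _, src in events[start:end + 1]}
            # Keep the widest agreement seen in any single window.
            if (len(sources) >= min_sources
                    and len(sources) > len(flagged.get(key, []))):
                flagged[key] = sorted(sources)
    return flagged


if __name__ == "__main__":
    for (domain, host), sources in hosts_flagged_by_multiple_sources(ALERTS).items():
        print(f"{domain}\\{host}: reported by {', '.join(sources)}")
```

Repeated alerts from a single source (ws-0977) and alerts from two sources hours apart (srv-0031) are not flagged, which is what keeps the triage list short as the number of computers and domains grows.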

Consider a cloud-hosted Infrastructure as a Service (IaaS) environment with many new, Internet-accessible systems regularly being built and brought online. What challenges might there be in managing audit policies and logs in such an environment?

It is difficult to deal with suspicious posts from untrusted sources due to the Apache web server, thus making it difficult to audit and monitor log sources from such environments.

Finally, conclude this week’s assignment with a page explaining how the tools and processes demonstrated in the labs might be used by an infrastructure administrator to help secure an environment.

The PDCA cycle can be used to implement the security controls. It is a four-step model that is carried out repeatedly for continuous improvement. PDCA stands for Plan, Do, Check, and Act.

Plan – Identify an opportunity and plan a change. For instance, the quality of the finished product might not be high enough, it might not fully satisfy the consumer’s needs, or better results might be anticipated from an aspect of your marketing. Explore the available information fully. Formulate ideas and develop an implementation plan. State your success criteria and ensure they are realistic and achievable.

Do – Test the change on a small-scale pilot project to determine whether the proposed solution achieves the desired outcome. This ensures no disruption in the main operation if it’s not successful. Gather data and information as you run the pilot project for future reference and use.

Check – Review the test, analyze the results, and identify what you have studied against the expected outcome to assess whet
