SBM4304 IS Security & Risk Management Applied Project on CISRA
VerifiedAdded on 2023/06/07
|21
|4379
|226
Report
AI Summary
This report provides a comprehensive analysis of information systems security and risk management within the context of the CISRA organization. It delves into the working mechanisms of ransomware, proposing three tools for mitigation, and examines threats against network routers and switches, detailing vulnerabilities to destruction and abuse. The report discusses strategies for ensuring the reliability and availability of web services, as well as methods for maintaining the confidentiality and integrity of staff emails. It addresses malware threats, security issues related to webmail and web servers, and proposes solutions to improve email server availability, including the use of firewalls and cloud computing. Furthermore, the report considers the impact of human factors and organizational issues on IS security and risk management, the use of log records for server analysis, and the application of audit log reports. Finally, it suggests five new network devices for mitigating security risks, offering a robust set of recommendations for enhancing CISRA's overall security posture. This document is available on Desklib, a platform that provides AI-based study tools and a wealth of academic resources for students.
Running head: IS SECURITY & RISK MANAGEMENT
IS SECURITY & RISK MANAGEMENT
Name of the student:
Name of university:
Author’s note:
IS SECURITY & RISK MANAGEMENT
Name of the student:
Name of university:
Author’s note:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1IS SECURITY & RISK MANAGEMENT
Table of Contents
Introduction....................................................................................................................2
Discussion......................................................................................................................3
Working principle of ransomware.............................................................................3
Threats against the routers and switches of a network...............................................4
Reliability and availability of the web service of an organisation.............................4
Ensuring the confidentiality and integrity of the staff email......................................5
Threats to malware and security issues related to web mail and webserver..............6
Approaches to improve the availability of email servers...........................................8
Impact of human factors and organisational issues....................................................9
Use of log records for analysis of web server and email server...............................11
Use of audit log reports for performing auditing analysis.......................................11
Network devices for mitigating security problems..................................................12
Recommendations........................................................................................................13
Conclusion....................................................................................................................13
References....................................................................................................................15
Table of Contents
Introduction....................................................................................................................2
Discussion......................................................................................................................3
Working principle of ransomware.............................................................................3
Threats against the routers and switches of a network...............................................4
Reliability and availability of the web service of an organisation.............................4
Ensuring the confidentiality and integrity of the staff email......................................5
Threats to malware and security issues related to web mail and webserver..............6
Approaches to improve the availability of email servers...........................................8
Impact of human factors and organisational issues....................................................9
Use of log records for analysis of web server and email server...............................11
Use of audit log reports for performing auditing analysis.......................................11
Network devices for mitigating security problems..................................................12
Recommendations........................................................................................................13
Conclusion....................................................................................................................13
References....................................................................................................................15
2IS SECURITY & RISK MANAGEMENT
Introduction
This report aims to discuss the security of information systems and risk management
methods for ensuring the security of an organisation. The selected organisation for this report
is CISRA. The threats against the information systems of the organisation is provided along
with the working mechanism of ransomware and three tools that can be used to tackle
ransomware attack. The threats against the routers and switches of the network is discussed
and how these routers and switches can be vulnerable to destruction and abuse are stated. A
detailed discussion of how the organisation can ensure reliability and availability of the web
service is discussed. The methods of ensuring confidentiality and integrity of the staff email
is discussed. A brief discussion of the prioritisation of the threats and the security and
malware issues that are related to the webmail and web server is discussed. An appropriate
solution is proposed in this report for the improvement of availability of email servers. The
impact of human factors and the issue related to organisation on IS-based security and risk
management is provided. The use of log records that includes security, access event in
monitoring and analysis of the web server and email server problems is stated. The use of
audit log reports for performing auditing analysis is stated. Five new network devices are
proposed in this report to mitigate the security risks. Lastly, this report concludes with an
appropriate conclusion of this report.
IS security being the most crucial aspect in an organisation to ensure proper
functioning of the organisation. There are several threats against the information system that
can cripple an organisation and effect the working of that organisation at the fundamental
level. Organisations use several mitigation techniques to ensure the safety and security of the
network of the organisation.
Introduction
This report aims to discuss the security of information systems and risk management
methods for ensuring the security of an organisation. The selected organisation for this report
is CISRA. The threats against the information systems of the organisation is provided along
with the working mechanism of ransomware and three tools that can be used to tackle
ransomware attack. The threats against the routers and switches of the network is discussed
and how these routers and switches can be vulnerable to destruction and abuse are stated. A
detailed discussion of how the organisation can ensure reliability and availability of the web
service is discussed. The methods of ensuring confidentiality and integrity of the staff email
is discussed. A brief discussion of the prioritisation of the threats and the security and
malware issues that are related to the webmail and web server is discussed. An appropriate
solution is proposed in this report for the improvement of availability of email servers. The
impact of human factors and the issue related to organisation on IS-based security and risk
management is provided. The use of log records that includes security, access event in
monitoring and analysis of the web server and email server problems is stated. The use of
audit log reports for performing auditing analysis is stated. Five new network devices are
proposed in this report to mitigate the security risks. Lastly, this report concludes with an
appropriate conclusion of this report.
IS security being the most crucial aspect in an organisation to ensure proper
functioning of the organisation. There are several threats against the information system that
can cripple an organisation and effect the working of that organisation at the fundamental
level. Organisations use several mitigation techniques to ensure the safety and security of the
network of the organisation.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3IS SECURITY & RISK MANAGEMENT
Discussion
Working principle of ransomware
Ransomware are the type of malware that is used to block and restrict the access of
the files in a system and ransom is demanded for those files to be released. The hacker
senders a suspicious email or some file on the internet and when a user downloads the file or
visits the website then the malware is downloaded in the system of the user and blocks the
access of the user on the files in the system. The computers that are infected displays several
messages that notifies the user to pay the ransom for unblocking the files and even after
paying the ransom, there is no guarantee that the user will be able to retrieve all the files
(Cabaj & Mazurczyk, 2016).
The tools that can be used for protecting the system against the ransomware attacks
are as follows:
Avast anti-ransomware tools: Avast provides an anti-ransomware tool that can be
used to tackle the threat of ransomware. This tool provides a decryption and installation
wizard. In this tool, the software will ask for two copies of all the files in the system, one of
them needs to be encrypted and the other one is open. This method is used for comparing and
determining the password.
BitDefender Anti-ransomware: This tool is majorly used for protecting the systems
from ransomware viruses like Locy, CTB-Locker, Petya, and TeslaCrypt ransomware. Once
this software is loaded, the program detects an infection in the system and stops the complete
execution of the program to prevent all the files from being encrypted. This program offers
the option of retrieving the files back if they are taken hostage.
Kaspersky anti-ransomware tool: The tool of Kaspersky has been designed for the
medium or small businesses for protection of the system from ransomware viruses. This
Discussion
Working principle of ransomware
Ransomware are the type of malware that is used to block and restrict the access of
the files in a system and ransom is demanded for those files to be released. The hacker
senders a suspicious email or some file on the internet and when a user downloads the file or
visits the website then the malware is downloaded in the system of the user and blocks the
access of the user on the files in the system. The computers that are infected displays several
messages that notifies the user to pay the ransom for unblocking the files and even after
paying the ransom, there is no guarantee that the user will be able to retrieve all the files
(Cabaj & Mazurczyk, 2016).
The tools that can be used for protecting the system against the ransomware attacks
are as follows:
Avast anti-ransomware tools: Avast provides an anti-ransomware tool that can be
used to tackle the threat of ransomware. This tool provides a decryption and installation
wizard. In this tool, the software will ask for two copies of all the files in the system, one of
them needs to be encrypted and the other one is open. This method is used for comparing and
determining the password.
BitDefender Anti-ransomware: This tool is majorly used for protecting the systems
from ransomware viruses like Locy, CTB-Locker, Petya, and TeslaCrypt ransomware. Once
this software is loaded, the program detects an infection in the system and stops the complete
execution of the program to prevent all the files from being encrypted. This program offers
the option of retrieving the files back if they are taken hostage.
Kaspersky anti-ransomware tool: The tool of Kaspersky has been designed for the
medium or small businesses for protection of the system from ransomware viruses. This
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4IS SECURITY & RISK MANAGEMENT
tools works constantly in the background and provides protection to the files in the system by
monitoring the system activities.
Threats against the routers and switches of a network
Some of the common threats to the network devices of the organisation are as follows:
DoS/ DDoS attacks: These attacks are commonly used to cripple the network of an
organisation or take control of the network of the organisation. Network devices are
specifically targeted to hijack and take control of the complete network of the organisation.
Huge amount of traffic is sent to the devices of the network that hampers the proper working
of the network devices and the devices are destroyed. With the help of DDoS attacks, the
attackers take control of the systems of the organisation (Mousavi & St-Hilaire, 2015).
Malware threats: The use of malware by any unauthorised user or hacker can cause
damages to the network of the system and destroy the network devices. The most common
types of malwares that are used to attack the network of an organisation are Trojan, worms,
viruses and spam. Any unauthorised user with the help of malware can misuse the network
devices (Antikainen, Aura & Särelä, 2014).
Rootkits: This collection of tool is specifically designed for gaining access to a
network at the administrator level. The rootkits are commonly placed in a network via any
security hole that is identified in the network. These holes are generally located in the
legitimate applications of a business network.
Reliability and availability of the web service of an organisation
Reliability offers the facility of the stack of Web service for exchanging SOAP
(Simple Object Access Protocol) messages without any redundancies and guaranteed delivery
along with message ordering. Headers of SOAP message contains the information that
permits the proper delivery of the messages in a reliable order (Madsen et al., 2013).
tools works constantly in the background and provides protection to the files in the system by
monitoring the system activities.
Threats against the routers and switches of a network
Some of the common threats to the network devices of the organisation are as follows:
DoS/ DDoS attacks: These attacks are commonly used to cripple the network of an
organisation or take control of the network of the organisation. Network devices are
specifically targeted to hijack and take control of the complete network of the organisation.
Huge amount of traffic is sent to the devices of the network that hampers the proper working
of the network devices and the devices are destroyed. With the help of DDoS attacks, the
attackers take control of the systems of the organisation (Mousavi & St-Hilaire, 2015).
Malware threats: The use of malware by any unauthorised user or hacker can cause
damages to the network of the system and destroy the network devices. The most common
types of malwares that are used to attack the network of an organisation are Trojan, worms,
viruses and spam. Any unauthorised user with the help of malware can misuse the network
devices (Antikainen, Aura & Särelä, 2014).
Rootkits: This collection of tool is specifically designed for gaining access to a
network at the administrator level. The rootkits are commonly placed in a network via any
security hole that is identified in the network. These holes are generally located in the
legitimate applications of a business network.
Reliability and availability of the web service of an organisation
Reliability offers the facility of the stack of Web service for exchanging SOAP
(Simple Object Access Protocol) messages without any redundancies and guaranteed delivery
along with message ordering. Headers of SOAP message contains the information that
permits the proper delivery of the messages in a reliable order (Madsen et al., 2013).
5IS SECURITY & RISK MANAGEMENT
Some methods to provide reliable web service to the staffs of the organisation are:
Providing running database
Installing SQL tables for the client and the server
Availability of the web service is an essential feature of the performance of an
organisation. The organisation can face serious problems if there is an unavailability of web
service (Ahmed & Wu, 2013). Effective strategy for increasing the availability of the web
service are:
Proper planning for restructuring
Optimising the existing code
Enhancing the design architecture
Categorising and analysing the points of failure on the basis of severity
Designing an appropriate solution on the basis of the analysis for ensuring
high availability
Ensuring the confidentiality and integrity of the staff email
Some methods to ensure the confidentiality and integrity of the staff of CISRA are as
follows:
Confidential information are identified: The information of the customers,
matters related to the personnel, contracts, product related information and
business strategies are included in confidential information.
The availability of necessary tools and information are ensured: When there is
a requirement of sending information quickly, often the bans and prohibitions
are not followed. The tools that are required to send email quickly and
securely are installed for the staffs (Tuli & Sahu, 2013).
Some methods to provide reliable web service to the staffs of the organisation are:
Providing running database
Installing SQL tables for the client and the server
Availability of the web service is an essential feature of the performance of an
organisation. The organisation can face serious problems if there is an unavailability of web
service (Ahmed & Wu, 2013). Effective strategy for increasing the availability of the web
service are:
Proper planning for restructuring
Optimising the existing code
Enhancing the design architecture
Categorising and analysing the points of failure on the basis of severity
Designing an appropriate solution on the basis of the analysis for ensuring
high availability
Ensuring the confidentiality and integrity of the staff email
Some methods to ensure the confidentiality and integrity of the staff of CISRA are as
follows:
Confidential information are identified: The information of the customers,
matters related to the personnel, contracts, product related information and
business strategies are included in confidential information.
The availability of necessary tools and information are ensured: When there is
a requirement of sending information quickly, often the bans and prohibitions
are not followed. The tools that are required to send email quickly and
securely are installed for the staffs (Tuli & Sahu, 2013).
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6IS SECURITY & RISK MANAGEMENT
Usability: Usability plays a major factor when there is a search for solutions
for sending secure e-mail. The appropriate solutions are implemented to send
secure emails.
Checking of the instructions and common procedures of information security:
the security of email communication is secured when the solution of secured
email is properly used.
Traffic control of the email service is implemented: The organisation
communicate numerous times a day through the email service. The traffic of
the email service is monitored and controlled to ensure the integrity of the
email service (Kim & Solomon, 2016).
Threats to malware and security issues related to web mail and webserver
Threats to web mail are as follows:
Malware threats: The web mail of an organisation faces the threat of malware
in the system of the organisation. A hacker can place any malware in the
webmail of the organisation and gain access to the web mail service of the
organisation.
Phishing and spam: the commercial emails that are unsolicited is referred as
spam. This is the method of transmitting spontaneous bulk commercial
messages via email. These messages can hamper the productivity of the user,
use the resources of IT excessively, and distribute the malware mechanism in
the system (Farrokhi et al., 2013).
Bots: these are the kind of malware that are designed for automatically execute
specific operations. Bots are used in botnets to take down servers and network
of a company. Spambots are commonly used in the email to generate
advertisements that can infect the webmail servers.
Usability: Usability plays a major factor when there is a search for solutions
for sending secure e-mail. The appropriate solutions are implemented to send
secure emails.
Checking of the instructions and common procedures of information security:
the security of email communication is secured when the solution of secured
email is properly used.
Traffic control of the email service is implemented: The organisation
communicate numerous times a day through the email service. The traffic of
the email service is monitored and controlled to ensure the integrity of the
email service (Kim & Solomon, 2016).
Threats to malware and security issues related to web mail and webserver
Threats to web mail are as follows:
Malware threats: The web mail of an organisation faces the threat of malware
in the system of the organisation. A hacker can place any malware in the
webmail of the organisation and gain access to the web mail service of the
organisation.
Phishing and spam: the commercial emails that are unsolicited is referred as
spam. This is the method of transmitting spontaneous bulk commercial
messages via email. These messages can hamper the productivity of the user,
use the resources of IT excessively, and distribute the malware mechanism in
the system (Farrokhi et al., 2013).
Bots: these are the kind of malware that are designed for automatically execute
specific operations. Bots are used in botnets to take down servers and network
of a company. Spambots are commonly used in the email to generate
advertisements that can infect the webmail servers.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7IS SECURITY & RISK MANAGEMENT
Ransomware: Ransomware is a common malware that is used to seize the
information placed in a network and demand ransom for exchange of this
information.
Rootkit: This kind of malicious software is specifically designed for gaining
control or remote access to a computer without getting detected by the users or
any security programs.
Some of the threats to the web server are as follows:
Misconfiguration of security: the infrastructure makes the web server efficient
and reliable to use. Any misconfiguration of the web server can lead to serious
problems for the organisation and reduce the productivity of the organisation.
Injection attacks: These variety of attacks comes in the form of injection and
they are primarily used to attack the web servers as they need data to function.
Some of the injection attacks are SQL injection and code injection (Frotzscher
et al., 2014).
Unauthorised access of data: This is the type of attack that is carried out to
bypass the procedure of authentication for gaining access of data.
DoS attacks: These types of attacks are specifically executed to cripple the
servers of a company. The services of the company can be damaged if the
systems of the company have suffered DoS attacks.
Stability and server performance: The web servers are essential part of an
organisation to provide the staffs and employees with information. When the
staffs of an organisation is accessing the internet service at high rate, there is a
creation of threat of stability of the web server. The performance of the web
server can be damaged if the servers are not properly configured.
Ransomware: Ransomware is a common malware that is used to seize the
information placed in a network and demand ransom for exchange of this
information.
Rootkit: This kind of malicious software is specifically designed for gaining
control or remote access to a computer without getting detected by the users or
any security programs.
Some of the threats to the web server are as follows:
Misconfiguration of security: the infrastructure makes the web server efficient
and reliable to use. Any misconfiguration of the web server can lead to serious
problems for the organisation and reduce the productivity of the organisation.
Injection attacks: These variety of attacks comes in the form of injection and
they are primarily used to attack the web servers as they need data to function.
Some of the injection attacks are SQL injection and code injection (Frotzscher
et al., 2014).
Unauthorised access of data: This is the type of attack that is carried out to
bypass the procedure of authentication for gaining access of data.
DoS attacks: These types of attacks are specifically executed to cripple the
servers of a company. The services of the company can be damaged if the
systems of the company have suffered DoS attacks.
Stability and server performance: The web servers are essential part of an
organisation to provide the staffs and employees with information. When the
staffs of an organisation is accessing the internet service at high rate, there is a
creation of threat of stability of the web server. The performance of the web
server can be damaged if the servers are not properly configured.
8IS SECURITY & RISK MANAGEMENT
Approaches to improve the availability of email servers
Figure 1: “Use of firewall to secure the email and webs server”
Source: (Sood & Enbody, 2013)
One approach of improving the availability of email servers is with the
implementation of firewall in the servers of the system. The servers should be divided into
segments so that in the cases of any fault in the servers, the other servers will not be affected
and the work of the organisation will not be harmed. Firewall is important for the servers
because it will help in protecting the servers from any unauthorised access. The employees
with proper access the email facility and the monitoring of the email communication can be
carried out easily.
Approaches to improve the availability of email servers
Figure 1: “Use of firewall to secure the email and webs server”
Source: (Sood & Enbody, 2013)
One approach of improving the availability of email servers is with the
implementation of firewall in the servers of the system. The servers should be divided into
segments so that in the cases of any fault in the servers, the other servers will not be affected
and the work of the organisation will not be harmed. Firewall is important for the servers
because it will help in protecting the servers from any unauthorised access. The employees
with proper access the email facility and the monitoring of the email communication can be
carried out easily.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9IS SECURITY & RISK MANAGEMENT
Figure 2: “Use of cloud computing to secure the email server”
Source: (Jang-Jaccard & Nepal, 2014)
Another approach of improving the availability of email servers can be with the help
of cloud computing. All the communication records can be preserved in the cloud storage and
proper authorised users can easily access the emails. The facility of cloud anti-spam will help
the organisation to prevent any spamming attacks from the incoming spams in the emails of
the staffs. The facility is essential for the organisation, CISRA as the major form of
communication among the employees is with email and the threat of spamming has affected
the email servers. The antivirus of cloud protects the data and the emails that are stored in the
cloud storage of the organisation and prevent the access of any unauthorised users. The threat
of virus attacks on the email servers can be mitigated with the help of this method. The staffs
of the organisation will have a better availability of email services.
Impact of human factors and organisational issues
The impact of human factor and organisational issues on IS related security are as
follows:
Errors: This is the human factor that impacts the issues of IS-related security in an
organisation. The main issue of the security in an organisation by a human can be error.
Error is defined as divergence in an efficiently working system. Human errors can be careless
and deliberate. The source of errors by humans are considered to be the forces of security
culture and communication (Von Solms & Van Niekerk, 2013). The information system of an
organisation can be affected severely even though it is built with enormously great technical
backbone. The security policies of the CISRA organisation is designed for restraining
behaviour for eliminating errors.
Figure 2: “Use of cloud computing to secure the email server”
Source: (Jang-Jaccard & Nepal, 2014)
Another approach of improving the availability of email servers can be with the help
of cloud computing. All the communication records can be preserved in the cloud storage and
proper authorised users can easily access the emails. The facility of cloud anti-spam will help
the organisation to prevent any spamming attacks from the incoming spams in the emails of
the staffs. The facility is essential for the organisation, CISRA as the major form of
communication among the employees is with email and the threat of spamming has affected
the email servers. The antivirus of cloud protects the data and the emails that are stored in the
cloud storage of the organisation and prevent the access of any unauthorised users. The threat
of virus attacks on the email servers can be mitigated with the help of this method. The staffs
of the organisation will have a better availability of email services.
Impact of human factors and organisational issues
The impact of human factor and organisational issues on IS related security are as
follows:
Errors: This is the human factor that impacts the issues of IS-related security in an
organisation. The main issue of the security in an organisation by a human can be error.
Error is defined as divergence in an efficiently working system. Human errors can be careless
and deliberate. The source of errors by humans are considered to be the forces of security
culture and communication (Von Solms & Van Niekerk, 2013). The information system of an
organisation can be affected severely even though it is built with enormously great technical
backbone. The security policies of the CISRA organisation is designed for restraining
behaviour for eliminating errors.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10IS SECURITY & RISK MANAGEMENT
Awareness of information security: This factor is grouped in the organisational factor
of IS related security. The programme of awareness is required to make the employees of the
organisation understand their responsibilities and the duties towards the security of the
information system. There is a probability that the security policies of the organisation can be
misinterpreted and misunderstood by the employees, and therefore it is very important to
conduct the awareness programmes. Organisations are extremely hesitant towards their
employees to follow the rules and regulations of the information system such as security
policies (Metalidou et al., 2014).
Risk management recommendations are:
Risk management in a specific tool must be carried out in four steps:
Qualitative assessment: the information tool of risk management must record the
assessment of any risk in all possible ways that helps in monitoring and documentation of
risk priorities. The documentation of risk management must be carried out in a method,
which keeps a records these phases of processing.
Prioritisation
Risk measurement
Monitoring risk treatment actions: the responsible members of the organisation must
carry out a constant reporting of the implementation actions within the tools.
Awareness of information security: This factor is grouped in the organisational factor
of IS related security. The programme of awareness is required to make the employees of the
organisation understand their responsibilities and the duties towards the security of the
information system. There is a probability that the security policies of the organisation can be
misinterpreted and misunderstood by the employees, and therefore it is very important to
conduct the awareness programmes. Organisations are extremely hesitant towards their
employees to follow the rules and regulations of the information system such as security
policies (Metalidou et al., 2014).
Risk management recommendations are:
Risk management in a specific tool must be carried out in four steps:
Qualitative assessment: the information tool of risk management must record the
assessment of any risk in all possible ways that helps in monitoring and documentation of
risk priorities. The documentation of risk management must be carried out in a method,
which keeps a records these phases of processing.
Prioritisation
Risk measurement
Monitoring risk treatment actions: the responsible members of the organisation must
carry out a constant reporting of the implementation actions within the tools.
11IS SECURITY & RISK MANAGEMENT
Use of log records for analysis of web server and email server
Figure 3: “Log records”
Source: (Gul, Wu & Yang, 2013)
Log records are the record sets that an organisation maintains to administrator the important
events. The types of logs that are monitored are application logs, event logs, service logs, ad
system logs. The management of log records is an important integral part of the
responsibilities of any administrator of the server. With the help of proper monitoring of the
log files, the organisation can have a detailed insight on the performance of the servers,
security, and the issues that are underlying in the web server and the email server and error
messages (Jans, Alles & Vasarhelyi, 2013).
Use of audit log reports for performing auditing analysis
The trails of audit are the electronic or manual records of any procedure or event that
are maintained to provide support history and documentation, which can be used for
authenticating operational actions and maintain security, or eliminate the challenges (Scott-
Hayward, O'Callaghan & Sezer, 2013). The audit records contains elements that are defined
Use of log records for analysis of web server and email server
Figure 3: “Log records”
Source: (Gul, Wu & Yang, 2013)
Log records are the record sets that an organisation maintains to administrator the important
events. The types of logs that are monitored are application logs, event logs, service logs, ad
system logs. The management of log records is an important integral part of the
responsibilities of any administrator of the server. With the help of proper monitoring of the
log files, the organisation can have a detailed insight on the performance of the servers,
security, and the issues that are underlying in the web server and the email server and error
messages (Jans, Alles & Vasarhelyi, 2013).
Use of audit log reports for performing auditing analysis
The trails of audit are the electronic or manual records of any procedure or event that
are maintained to provide support history and documentation, which can be used for
authenticating operational actions and maintain security, or eliminate the challenges (Scott-
Hayward, O'Callaghan & Sezer, 2013). The audit records contains elements that are defined
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 21
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.