Logging and monitoring support an investigation because network activity is recorded and every attempt to access a network resource is known. When a network is investigated, certain elements are routinely sought to aid security analysis, and logs supply many of them: detailed information about access, and attempted access, to any network resource, together with the changes that have been made to those resources. Logging and monitoring can therefore provide evidence of any illegal attempt to gain access to the network. The source of this critical information is the syslog servers (Zdziarski, 2005), because a syslog server listens for the messages that matter most to the investigation. This data is collected by installing Backlog on the Windows server that is to be the source of the security data; Backlog is configured to send its messages to a syslog daemon server. This is the route by which information about access to a network server is obtained. The information is important because it shows how the network attack was carried out, and it also feeds the development of network patching procedures (Rossi, 2010).
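As an added illustration of the log analysis described above (not part of the original essay), the following parses RFC 3164-style syslog lines as a Windows agent might forward them to a syslog daemon, then surfaces repeated failed access attempts per source and any recorded change to a resource. Hostnames, addresses and event text are constructed for the example.

```python
import re
from collections import Counter

# Constructed sample: RFC 3164-style lines as a Windows syslog agent might
# forward them to a central syslog daemon. Hosts, IPs and event text are made up.
SAMPLE_SYSLOG = """\
<13>Mar  3 10:01:02 WINSRV01 Security: Logon failure user=alice src=10.0.0.7
<13>Mar  3 10:01:04 WINSRV01 Security: Logon failure user=alice src=10.0.0.7
<13>Mar  3 10:01:05 WINSRV01 Security: Logon failure user=admin src=10.0.0.7
<13>Mar  3 10:01:09 WINSRV01 Security: Logon success user=bob src=10.0.0.21
<13>Mar  3 10:02:30 WINSRV01 Security: Logon failure user=bob src=10.0.0.21
<13>Mar  3 10:03:00 WINSRV01 System: Share Finance ACL changed by bob
"""

# <PRI>TIMESTAMP HOSTNAME TAG: MSG  (RFC 3164 layout)
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>\w{3} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<tag>[^:]+): (?P<msg>.*)$"
)
KV_RE = re.compile(r"(\w+)=(\S+)")  # key=value pairs inside the message body

def parse_syslog(text):
    """Return one dict per well-formed line; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        pri = int(ev.pop("pri"))
        ev["facility"], ev["severity"] = divmod(pri, 8)  # PRI = facility*8 + severity
        ev.update(KV_RE.findall(ev["msg"]))  # lift user=..., src=... into the record
        events.append(ev)
    return events

def failed_logons_by_source(events, threshold=3):
    """Sources with at least `threshold` failed logons: evidence of access attempts."""
    failures = Counter(e["src"] for e in events
                       if "Logon failure" in e["msg"] and "src" in e)
    return {src: n for src, n in failures.items() if n >= threshold}

def resource_changes(events):
    """Messages that record a change to a network resource (here: ACL changes)."""
    return [e["msg"] for e in events if "changed" in e["msg"]]

if __name__ == "__main__":
    evs = parse_syslog(SAMPLE_SYSLOG)
    print("repeated failures:", failed_logons_by_source(evs))
    print("resource changes:", resource_changes(evs))
```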
Honeypots and sandboxing are crucial techniques for gathering important security information. In production, honeypots are used to detect, prevent and respond to attacks. In research, they are used to collect information on how and when attacks are carried out, which informs policy formulation and defences against the predicted attacks. They attract attackers and, in the process, let the network administrator observe how the attackers conduct their attacks (Zdziarski, 2005). I believe these measures are effective as security controls.
References
Rossi, R. (2010). Know your enemy: Learning about security threats (2nd ed.). (2004). Boston, MA: Addison-Wesley.
Zdziarski, J. A. (2005). Ending spam: Bayesian content filtering and the art of statistical language classification. San Francisco: No Starch Press.