The number, volume, and variety of computer security logs have increased greatly, which has created the need for a greater understanding of computer security log management. Log management is an essential component for an organization to ensure that computer security records are stored in sufficient detail for an appropriate period of time. Routine log analysis is beneficial for identifying security incidents, policy violations, fraudulent activity, and operational problems. Logs are also useful when performing auditing and forensic analysis, supporting internal investigations, establishing baselines, and identifying operational trends and long-term organizational problems.
Lunarline’s three day, hands-on course will assists organizations in establishing log management and auditing policies and procedures to discover and handle incidents efficiently and effectively. Students will learn log management, particularly skills for analyzing system related log data. Students will gain an understanding of log analysis tools and technologies available for system administrators through hands-on lab work.
- Module 1 Basics of Computer Security Logs
- Module 2 Log Management Planning
- Module 3 Log Management Infrastructure
- Module 4 Log Management Operational Process
- Module 5 Collection, Analysis, & Retention
- Module 6 Logs as Digital Evidence
- Module 7 Capstone
- Module 8 Final Recommendations & Review
This course is intended for System and Network Administrators, Security Administrators, Computer Security Incident Response Team members, Application Developers, Information Security Officers, Chief Information Officers, Auditors, and individuals with intermediate knowledge of information systems and systems security. Some experience with command line tools is desired but not mandatory.
Windows System Security Auditing course (3 days hands-on) is one of the courses within Lunarline’s Certificate Program in Cybersecurity. Every student participating will receive a certificate of successful participation in this course, which will allow you to claim hours of Continuous Professional Experience for your existing certifications. Our Continuing Education Credits are accepted by ISC2, CompTIA and ISACA.
Course includes the following takeaway items: a printed training book and a CD that includes reference materials pertaining to the course.