Traceability simply means able to track logs & events so as to detect who , why & how an attacker penetrates into a compromised system.
By reviewing logs & events one can also check for unauthorised attempts to login to a system
However, there is real challenge today to retain massive log files & yet made meaningful associations with the log files very now and then
It is a field to learn when it comes to log management. In fact , to decide what to log & what not to log becomes a science to be learnt over experience.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment