ACCT2000 Chapter Notes - Chapter 8: Virtualization, Log Analysis, Intrusion Detection System

Physical access control begins with entry points to the building itself and then to rooms housing computer equipment. There must also be special attention to the physical security of laptops, phones and tablets that carry sensitive information. Change controls and change management refers to the formal process used to ensure that modifications to hardware, software or processes do not reduce system reliability. Log analysis is the process of examining logs to identify evidence of possible attacks. Intrusion detection systems (ids) are systems that create logs of all network traffic that was permitted to pass the firewall and then analyses those logs for signs of attempted or successful intrusions. A penetration test is an authorised attempt to break into the organisations information system. Continuous monitoring allows for the timely identification of potential problems. A computer incident response team (cirt) is a team that is responsible for dealing with major security incidents.