- Password Aging
- User Privileges
- System Privileges
- Remote Access
- Consolidated Change Logs
- NTFS Permissions
- Role Permissions & Membership
- User Access
- Auditing Enabled
Home » Archive by category 'Sox'
Depending on the size of an organization, responsibility may be divided into the following defined
roles. It is important that responsibility is apparent and is supported by management. To achieve
this, the accountable persons must actually assume their accountabilities (i.e. they have powers
necessary to make corresponding decisions and the experience/knowledge to make the right
decisions).
Management and Human Resources should ensure that the necessary roles are correctly
implemented.
Board and Read more
Strategies for Auditing
Nov 23
Auditing enables you to monitor events associated with specific users, groups, and services.
These events are recorded to the security log. The capability to monitor these events is not only
useful for troubleshooting, but also is an important tool for monitoring and managing security.
You learned how you can keep tabs on the actions of specific users or groups and monitor
attempts at unauthorized access to the system or its resources.
Although you could audit every event, doing so wouldn’t be Read more
Part 1
Administrative Accounts
Administrative accounts include that includes (Domain Admins, Enterprise Admins, and Administrators)
Must have recognizable username for auditing purposes.
Active Directory build in Administrator account must be renamed and password is known only to company IT director or other executive personal.
On annual base Administrative accounts should be reviewed by IT director.
Generic Accounts
Generic accounts are general user accounts in active directory.
And are aplyed Read more