Microsoft Security Monitoring & Attack Detection Planning Guide

This guide has some useful information on detecting and preventing security-related attacks. Although it is a couple of years old, its content still holds true. It covers areas such as:

  • Policies
  • Security monitoring
  • Identifying internal attacks
  • Event Logs – what to look for

It also includes a useful appendix that lists which Event IDs can be ignored when trying to detect a systems violation attempt.

http://www.microsoft.com/downloads/details.aspx?FamilyID=95a85136-f08f-4b20-942f-dc9ce56bcd1a&DisplayLang=en
