Microsoft Security Monitoring & Attack Detection Planning Guide

This guide has some useful information on detecting and preventing security-related attacks. Although it is a couple of years old, its content still holds true. It covers areas such as:

  • Policies
  • Security monitoring
  • Identifying internal attacks
  • Event Logs – what to look for

It also includes a useful appendix that lists which Event IDs can be ignored when trying to detect a system violation attempt.

http://www.microsoft.com/downloads/details.aspx?FamilyID=95a85136-f08f-4b20-942f-dc9ce56bcd1a&DisplayLang=en

About Simon Seagrave
Simon is a UK-based Virtualization, Cloud & IT Technology Evangelist working as a Senior Technology Consultant and vSpecialist for EMC. He loves working in the ever-changing IT industry and spends most of his time working with Virtualization, Cloud and other Enterprise IT technologies, in particular VMware, EMC and HP products. As well as on this site, you can find him on Twitter and Google+.