ABSTRACT
Analysis and monitoring play key roles in the security life cycle. Without an analysis, one can neither determine whether policies are correct and cover an organization’s range of needs, nor whether procedures are correct (and if they are, are they being followed properly? Are the organization’s network and authentication systems designed correctly and functioning properly? Is the incident response team properly trained and following procedures?)
This chapter explains what an analysis by audit is and why we need one, how to conduct an audit, various levels of testing, and the important aspects of monitoring.
