ABSTRACT

Integrity
System Integrity
Network Traffic Analysis
Network Intrusion Detection
Encryption
IPSec
Building and Deployment
Read Only Agent and Systems
Auditing the Deployment
Using Logs
Log and Record Data Changes to Objects
  Monitoring Any Use of System Privileges
System Logs
  Failed Log-On Attempts
  Attempts to Access the System with Non-Existent Users
  Attempts to Access the System at Unusual Hours
  Checking for Users Sharing System Accounts
  Multiple Access Attempts for Different Users from the Same Terminal
Auditing for Integrity
Attacks and Integrity
Control Categories
Deterrent (or Directive) Controls
Preventive Controls
Detective Controls
Corrective Controls
Recovery Controls
Application Controls
Transaction Controls