Logging and monitoring are at the heart of data security. As security events unfold, these two processes enable professionals to pinpoint activities, attribute actions to their origins, and maintain detailed records of user and system activity.

In this chapter, you'll learn about the third subobjective of CC objective 5.1. The remaining material for this objective is covered in Chapter 18, “Encryption,” and Chapter 19, “Data Handling.” The following subobjective is covered in this chapter:

• Logging and monitoring security events

LOGGING

Logs provide a treasure trove of information for security professionals, whether they're investigating an incident, troubleshooting ...