feket507yt
Dołączył: 21 Sty 2011
Posty: 96
Przeczytał: 0 tematów
Ostrzeżeń: 0/5 Skąd: England
|
Wysłany: Sob 5:22, 09 Kwi 2011 Temat postu: Nike Free Running Shoes Considerations For Designi |
|
|
er you design the revocation process [link widoczny dla zalogowanych], you can design the auditing process. As you design the auditing process [link widoczny dla zalogowanych], think about the following things:
Consider the configuration of auditing.
Q Auditing of CA activity requires configuration in the Certification Authority console, but it is dependent on the establishment of object access auditing in the Windows Settings, Security Settings, Local Policies, Audit policy of the appropriate Group Policy Object (GPO).
Q If object access auditing is not turned on, specific CA activity will not be recorded in the Security event log. If the CA exists on a member server, the Audit policy should be set using Group Policy. The GPO should be linked to the domain or organizational unit (OU) that the CA computer is a member of. (The design of Group Policy is discussed in Chapter 5 and Chapter 8.)
Consider the events that can be audited. These are configured from the CA audit properties page as shown in Figure 2-17.
Q Back Up And Restore Of The CA Database. Auditing these events provides a [url=]MCSE Certification[/url] solid record of backup. Checking for successful backup is always a sound activity. In addition, an unexpected restore of the CA database located by the audit might be an indication of tampering and should be investigated.
Q Change CA Configuration. Auditing these events allows for the tracking of successful and unsuccessful changes to configuration against planned and approved changes and provides a record of proper maintenance. Possible tampering can also be confirmed. Configuration events audited include adding and removing templates, configuration of the CRL publication schedule, configuration of the CDPs and AIAs, changes to policy modules, and key archival and recovery.
Q Change CA Security Settings. These events include the configuration of CA roles for role-based administration, setting of restrictions on Certificate Managers, and the configuration of auditing. It's important to note that these configuration events are not recorded by turning on the Changes In Configuration settings you must turn on Changes In CA Security Settings Auditing.
Q Issue And Manage Certificate Requests. Auditing these events will record successful and failed attempts at issuance of certificates and their management. A record can be produced for each certificate requested, issued, or imported.
Q Revoke Certificates And Publish CRL. Auditing these events will record successful and failed attempts to revoke certificates and publish CRLs.
Q Store And Retrieve Archived Keys. If key archival is configured, auditing these events will record successful or failed attempts at storage and retrieval. Access to archived keys should be performed only according to strict policy to ensure that only authorized administrators retrieve the keys and that they are returned to the correct owner. There are technical controls to ensure this; however, checking the audit of the process against documented approved need will enable discovery of unauthorized attempts and compromised keys.
Q Start And Stop Certificate Services. Stopping and starting certificate services is necessary to accomplish some configuration and policy changes [link widoczny dla zalogowanych], as well as CA key renewal. The actual events should always be audited against approved maintenance.
Consider which events to audit.
Q To decide which events to audit, determine how much knowledge is needed. The amassing of large volumes of records that might never be examined is counterproductive. The policy, and therefore the design, of the audit should keep these things in mind. One way to make a [url=]70-290 Exam[/url] determination is to examine the impact of auditing each event and make decisions based on impact vs. value.
Q You should also "work with your organization's legal department to determine whether auditing certain types of events are required by law or regulation and what t
Post został pochwalony 0 razy
|
|