This site in other countries/regions:

Sign in

Microsoft Download Center

Windows

The Security Monitoring and Attack Detection Planning Guide

Subscribe

Quick links

This guide is designed to help organizations plan a security monitoring and attack detection system based on Windows Security Event logs. It highlights how to interpret the events and which events indicate the possibility that an attack is in progress.

Quick details

Version: 1 Date Published: 6/30/2005
Language: English
File Name Size
The_Security_Monitoring_and_Attack_Detection_Planning_Guide.zip 337 KB Download

Overview

The Security Monitoring and Attack Detection Planning Guide is a practical support document for business and information technology professionals who are working to develop systems to monitor security on a network and to detect intruders. Its primary goals and objectives are to:

  • Introduce the concepts of security monitoring and attack detection.
  • List applications that can provide event log correlation.
  • Describe best practice activities and processes for developing a security monitoring and attack detection system.
  • Identify business, technical, and security issues for:
    • Detecting policy violations
    • Detecting external attacks
    • Implementing forensic analysis
  • Design a security monitoring and attack detection solution that can identify when attacks on the network take place.
  • Provide the ability to implement data retention for Forensic Analysis.

Top of pageTop of page

System requirements

Supported Operating Systems: Windows 2000, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows 95, Windows 98, Windows 98 Second Edition, Windows ME, Windows NT, Windows Server 2003, Windows XP

  • Adobe Acrobat Reader is required to view the documentation.

Top of pageTop of page

Instructions


  1. Click the Download button on this page.

  2. Do one of the following:

    • To start the installation immediately, click Open or Run this program from its current location.

    • To copy the download to your computer for installation at a later time, click Save or Save this program to disk.

Top of pageTop of page

Additional information

Solution Accelerators are free, scenario-based guides and automations designed to help IT Professionals who are proactively planning, deploying, and operating IT systems using Microsoft products and technologies. Solution Accelerator scenarios focus on security and compliance, management and infrastructure, and communication and collaboration.

Get the Solution Accelerator Notifications Newsletter

Subscribe to the Solution Accelerator Notifications newsletter so that you can stay informed about new Solution Accelerator releases and updates. The newsletter covers such areas of interest as

  • Communication & Collaboration
  • Security, Data Protection, & Recovery
  • Deployment
  • Operations & Management

You may also receive invitations to participate in accelerator development via beta programs and customer surveys. Solution Accelerator Notifications is currently available in English only.


If you’ve used a Solution Accelerator within your organization, please share your experience with us by completing this short survey (less than ten minutes long).

Top of pageTop of page