    The Security Monitoring and Attack Detection Planning Guide

    Language: English
    This guide is designed to help organizations plan a security monitoring and attack detection system based on Windows Security Event logs. It highlights how to interpret the events and which events indicate the possibility that an attack is in progress.
    • Version: 1
    • File Name: The_Security_Monitoring_and_Attack_Detection_Planning_Guide.zip
    • Date Published: 6/30/2005
    • File Size: 337 KB

        The Security Monitoring and Attack Detection Planning Guide is a practical support document for business and information technology professionals who are working to develop systems to monitor security on a network and to detect intruders. Its primary goals and objectives are to:
        • Introduce the concepts of security monitoring and attack detection.
        • List applications that can provide event log correlation.
        • Describe best practice activities and processes for developing a security monitoring and attack detection system.
        • Identify business, technical, and security issues for:
          • Detecting policy violations
          • Detecting external attacks
          • Implementing forensic analysis
        • Design a security monitoring and attack detection solution that can identify when attacks on the network take place.
        • Provide the ability to implement data retention for Forensic Analysis.
    • Supported Operating System

      Windows 2000, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows 95, Windows 98, Windows 98 Second Edition, Windows ME, Windows NT, Windows Server 2003, Windows XP

        • Adobe Acrobat Reader is required to view the documentation.


        1. Click the Download button on this page.

        2. Do one of the following:

          • To start the installation immediately, click Open or Run this program from its current location.

          • To copy the download to your computer for installation at a later time, click Save or Save this program to disk.
      • Solution Accelerators are free, scenario-based guides and automations designed to help IT Professionals who are proactively planning, deploying, and operating IT systems using Microsoft products and technologies. Solution Accelerator scenarios focus on security and compliance, management and infrastructure, and communication and collaboration.

