Auditing and Monitoring

Learn about auditing, monitoring, logging, and SIEM.

THM Room : https://tryhackme.com/room/auditingandmonitoringse

TASK 1 Introduction

What do you call the systematic review of an organisation’s technological infrastructure, policies and operations?

“In more formal terms, auditing is a systematic, independent, and objective process of gathering and evaluating evidence to determine if an organisation, its policies, processes, controls, or financial statements comply with applicable laws, regulations, and industry standards.”

Answer : Auditing

“As per the title of this room, the focus is on auditing and monitoring. Before moving to the next task, let’s briefly explain monitoring. In information systems, monitoring is about continually checking a computer’s or network’s performance and behaviour. It involves watching over various components such as applications, storage, and networking to make sure they’re working well together. Monitoring also looks for unusual behaviour and checks if anything violates established rules or policies.”

Answer : Monitoring

TASK 2 Audit Objectives and Types

Which type of audit is conducted by independent auditors?

Answer : External audits

Which type of audit is conducted by an organisation’s own personnel?

Answer : Internal audits

TASK 3 Audit Frameworks

What is the standard used by organisations that process card payments?

“PCI DSS is a mandatory standard for organisations that process credit and debit card payments.”

Answer : PCI DSS

Who developed ITIL?

Let’s do a quick Google search:

“Responding to growing dependence on IT, the UK Government’s Central Computer and Telecommunications Agency (CCTA) in the 1980s developed a set of recommendations designed to standardize IT management practices across government functions, built around a process model-based view of controlling and managing operations often credited to W. Edwards Deming and his plan-do-check-act (PDCA) cycle.” https://en.wikipedia.org/wiki/ITIL

Answer : CCTA

Who developed COBIT?

“COBIT (Control Objectives for Information and Related Technologies) is a framework created by ISACA for information technology (IT) management and IT governance.” https://en.wikipedia.org/wiki/COBIT

Answer : ISACA

TASK 4 Auditing IT Infrastructure and Operations

At which step do we present our findings about non-conformities, weaknesses and issues noted?

Answer : 4

At which stage does an organisation review the steps based on recommendations for proper and satisfactory implementation?

Answer : 5

At which stage do the auditors establish the audit scope and define its objectives?

Answer : 1

TASK 5 Logs

Check the Intro to Logs room for more detailed logging coverage.

No Answer.

TASK 6 Log Management on Linux

Using aureport, how many failed logins have occurred so far?

Answer : 263

Answer : 4

Answer : 227

TASK 7 Log Management on MS Windows

What is the event ID for a failed login attempt?

Answer : 4625

How many failed login attempts do you have under the security events?

Answer : 2

How many failed login attempts took place in 2021?

Answer : 1

TASK 8 Monitoring

Ensure you have read and taken note of the difference between logging and monitoring.

No Answer.

TASK 9 SIEM Basics

No Answer.

TASK 10

Ensure you have noted the main concepts presented in this room.

No Answer.

This post is licensed under CC BY 4.0 by the author.