Fill a form in 3 easy steps - less than 5 mins.
Posted: November 29th, 2022
Computer Sciences & Information Technology
Application In Information Security
From a Windows 10 command prompt, type eventvwr.msc and press Enter. This will open the Windows 10 Event Viewer. Explore the different logs and write a report summarizing your findings as they relate to host intrusion detection and event logging/auditing (for performance and security).
From a Windows 10 command prompt, type eventvwr.msc and press Enter. This will open the Windows 10 Event Viewer. Explore the different logs and write a report summarizing your findings as they relate to host intrusion detection and event logging/auditing (for performance and security).
The event viewer tool is used in summing up the event logs from the network system and the applications into an appropriate structure so that the troubleshoot problems can be analyzed and fixed. The intrusion detection system is used in securing networks from intrusions (Barath, 2017). The system will track and identify the attacks within the network then analyze them via the logs of the IDS systems. Thus, the event viewer could be used to track the events in three levels: the error logs, the warning logs and the information logs.
Through the event IDs, the system can communicate on the applications that are running hence improving the threat detection activities fundamental for security. The Event ID 4688 lists every process to be executed by the system and generated by a user. An example of that is when there is malware within the system then this event indicates that the process is being executed by the program. Events ID 5154 is used in generating a record when the Windows filtering platform allows the application to look into a port for incoming connections. Event ID 5156 displayed the record of when the Windows Filtering program allows the program to remotely or locally bind another process. Event ID 5158 occurs when a record is generated after a server or client application connects with the port (Barath, 2017). Event ID 4670 is used in identifying unauthorized access through observations in the change in file permissions. A record is generated when the user changes the access control list to an object. Event ID 1125 aids in monitoring failures related to the policy applications among other changes to the policy in Active directory.
The Windows firewall provided the line of defense considering a hacker could change the rules in order to obtain system access. Thus, the firewall logging feature could be used in checking the disabled port openings and aiding in analyzing the data packets on the route.
References:
Baráth, J. (2017, October). Optimizing windows 10 logging to detect network security threats. In 2017 Communication and Information Technologies (KIT) (pp. 1-4). IEEE.
You Want Quality and That’s What We Deliver
Our writing team is assembled through a rigorous selection process, where we handpick accomplished writers with specialized expertise in distinct subject areas and a proven track record in academic writing. Each writer brings a unique blend of knowledge and skills to the table, ensuring that our content is not only informative but also engaging and accessible to a general college student audience
Competitive pricing is a cornerstone of our service, where we balance affordability with exceptional quality. In offering the best writers at rates that rival other writing services, we ensure that students can access top-notch content without breaking the bank unnecessarily. Our fair and transparent pricing structure is designed to provide value for money, making us a go-to choice for students seeking high-quality writing services at an affordable price.
Academic integrity is paramount to our writing service, which is why we produce original research and writing content for every paper. Each piece of work is carefully written from scratch, ensuring that every sentence, paragraph, and page is authentic and free from plagiarism. Our rigorous quality control process involves thorough scanning of every final draft, guaranteeing that the content meets the highest standards of originality and academic integrity. With keen attention to citation and referencing, we ensure that every source is properly credited, giving you complete peace of mind. We also have the best plagiarism checkers like safeassign and turnitin thus providing similarity score for each paper.
When you decide to place an order with Dissertation Help, here is what happens: