Computer Security logs – contains information about events in an organizational and network
ii.Audit Logs: Security event information like failed auth, file access, policy changes, account changes
Popular Event ID’s
UDP Port 123- NTP Event Correlation Approaches:
Comments are closed.
|
Mac Forensics
|