From the course: Linux Hardening


Testing, monitoring, and reviewing


Hello, and welcome back to Cybrary's Linux Hardening course. This lesson is testing, monitoring, and reviewing. I'm your instructor, Corey Holzer. Let's get started.

This lesson has four learning objectives. First, we will discuss the management and investigation of logs. Next, we'll cover best practices with regard to backups. Then we're going to look at securing core dumps. Finally, we'll look at how we can ensure the security measures function as expected.

Logs are one of the most valuable resources we have when it comes to analyzing problems or performing forensics after an incident. Therefore, the availability of logs and their integrity are very important. This is one reason a best practice is the retention of logs on a centralized server. However, the challenge with logs is the volume of information they can contain, and this is where apps like logwatch and auditd can assist. By default, logwatch analyzes the previous day's logs and provides a summary of the information…
