- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive! / SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
select a course
San Jose, CA - April 23 - 25, 2007
- Hotel & Travel Info
- Faculty
- Vendor Expo
- General Info
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
The level of expertise is unprecedented. People like Ed are hard to find!
-Steve O'Brien, City of Bend
Additional Course Offerings: Additional courses are available in San Jose on April 25th. Please visit the WhatWorks in Mobile Encryption Summit 2007 page for more information.
Special
About
1 Day Course
About
SANS WhatWorks Summit Series
The SANS WhatWorks Summit Series brings together the thought leaders of the industry...
>> Read More
Work Study opportunities still available for WhatWorks 2007 Log Management Summit. Please visit Work Study Facilitator Page to submit an application.
Uncovering Secrets from the Windows Security Log
Wednesday, April 25, 2007 : 1pm - 4pmRandy Smith, Ultimate Windows Security
3 CPE Credits Per Day
The Windows security log is extremely important to monitoring all aspects of Windows security. But it is also the most poorly documented area of Windows 2000 and Windows Server 2003. For most events, Microsoft documentation simply restates the static text of the event's description. Where information exists, it is riddled with inaccuracies. More importantly, Microsoft provides almost no guidance and very little background information for individual events much less events in context with other events. In addition, the security log event IDs and codes change from one version of Windows to the next, which makes security log knowledge even more arcane and complicates the design of programs that monitor the security log. In this half-day seminar, you will gain essential knowledge for leveraging the Windows security log. The seminar includes live demonstrations on Windows Server 2003 and time for Q&A. You will learn the meaning and value of all 9 audit categories how to centrally monitor logon events for your entire domain to track user access to files and folders to monitor programs executed by users why it is crucial to monitor member server logs in addition to domain controllers the meaning of the security logs many cryptic codes the truth about the impact on performance of auditing and other misconceptions.
- © 2000-2009 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy