Improving Web Application Security: Threats and Countermeasures
| Check | Description |
|---|---|
|
| All failed Windows login attempts are logged. |
|
| All failed actions are logged across the file system. |
|
| SQL Server login auditing is enabled. |
|
| Log files are relocated from the default location and secured with access control lists. |
|
| Log files are configured with an appropriate size depending on the application security requirement. |
|
| Where the database contents are highly sensitive or vital , Windows is set to Shut Down mode on overflow of the security logs. |
Категории