Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
DE.AE-03.1: The logging functionality of protection and detection tools shall be enabled. Logs shall be backed up and retained for a predefined period and regularly reviewed to identify unusual or potentially harmful activity. |
|
DE.AE-03.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_BASIC_E_p44 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p157 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p104 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to make sure security tools have logging turned on, logs are kept for a set time, and regularly checked to spot unusual or harmful activity. This helps to detect threats early and take action. Examples of such tools include firewalls, antivirus software, endpoint detection, and intrusion detection systems. To achieve this goal, the following should be considered: • Logs should be stored securely and retained according to a defined retention schedule, based on applicable legal, regulatory, or operational needs. • Event detection tools and solutions should be configured to generate automated alerts for suspicious or harmful activity. • A documented procedure should be in place for regularly reviewing logs and dashboards to support timely detection and response. • Log reviews should include checks for patterns such as repeated malware infections, abnormal network traffic, or excessive access to non-business-related websites. • If such patterns are identified, follow-up actions should be defined, such as strengthening specific security controls, updating detection rules, or conducting targeted awareness training. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
DE.AE-03.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Detection tool logging and review |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The logging functionality of protection and detection tools shall be enabled. Logs shall be backed up and retained for a predefined period and regularly reviewed to identify unusual or potentially harmful activity. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
1 |
|
|
The number of triples associated with the subject. |
23 |
|
Specifies the dataset the subject is part of. |
Results 1 - 25 of 25
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Results 1 - 1 of 1