Carnegie Mellon University – Best Practices for NTP Services 3.3 3.3.7 Audit and Accountability
This article talks about how NTP works, NTP vulnerabilities, and best practices; configuration of the NTP server.
SEARCH RESULTS
Cisco – Network Time Protocol: Best Practices White Paper 3.3 3.3.7 Audit and Accountability
This is a whitepaper from Cisco on the NTP Protocol.
DNSstuff – 10 Best Free and Open-Source SIEM Tools 3.3 3.3.5 Audit and Accountability
This article lists Security Information and Event Management (SIEM) tools that provide log analysis and correlation of events. Caveat: Open source may be sufficient for some small companies but do not provide support and may offer only a limited feature set. Most of these open source solutions offer a paid option as well. If you try it and like it, upgrading to the paid option to gain support and features is easy.
DNSstuff – Log Management Tools 3.3 3.3.5 3.3.6 Audit and Accountability csc6
This link provides a list of no or low cost log management tools.
Environmental Protection Agency – Audit and Accountability Procedure 3.3 3.3.4 Audit and Accountability
This example procedure from the EPA shows how they iplement the security control requirements for the Audit and Accountability (AU) control family, as identified in NIST SP 800-53.
From Logs to Action: Making Sense of CMMC Control AU.L2-3.3.5 3.3 3.3.5 3.3.6 Audit and Accountability csc6
This article discusses the importance of collecting logs, why CMMC Control AU.L2-3.3.5 is important, and provides helpful resources to become compliant.
Gartner – Insider Risk Management Solutions Reviews and Rankings 3.3 3.3.2 Audit and Accountability
Gartner defines insider risk management (IRM) as the tools and capabilities to measure, detect and contain undesirable behavior of trusted accounts within the organization. In response to a recognized need to minimize the effects of unwanted activity within the organization and key partners, security and risk management leaders have to mitigate risk. This market consists of tools and solutions to monitor the behavior of employees, service partners and key suppliers working inside the organization, and to evaluate whether behavior falls within expectations of role and corporate risk tolerance. Insider risk may involve errors, fraud, theft of confidential or commercially valuable information, or the sabotage of computer systems.
Internet Engineering Task Force – Network Time Protocol Best Current Practices 3.3 3.3.7 Audit and Accountability
This is Internet Engineering task force’s updated best practices for Network Time Protocol.
log.io – The Complete Guide to the ELK Stack 3.3 3.3.4 Audit and Accountability
This is an article from logz.io that speaks to defining the elk stack, the importance, installation and configuration of it.
Logwatch 3.3 3.3.5 3.3.6 Audit and Accountability csc6
This document from Ubuntu discusses Logwatch, a tool that will monitor your server's logs and email the administrator a digest on a daily basis.