SEC 435 Network Penetration Testing Week 2 Discussion
"DMZ and Logs" Please respond to the following:
- Compare and contrast the key advantages and disadvantages of placing the following system types on a DMZ: Directory services (i.e. Microsoft AD), Web server, FTP server, File server, printer, and Domain Controller.
- It is commonly known that logs have become increasingly important in the IT industry--so much so that several security companies have found ways to make them more meaningful through correlation methods across different log producing platforms (i.e., Security Information Event Management [SIEM]). Determine the fundamental advantages of a company having a SIEM solution over merely having a method to store logs efficiently. Next, discuss the limitations, concerns, and future trends of having a SIEM solution within a company.