This lesson covers Domain 5, which are the basic requirements for auditing and accountability and discusses 3.3.1 and 3.3.2.

All right, Domain five, audit and accountability. So this is the third requirement of nous Special Publication 800-1 71. Which, of course, what we've been covering auditing accountability. So the basic requirements, what we're trying to accomplish, we're gonna create,
protect and retain information system
audit records to the extent needed to enable monitoring, analysis, investigation and reporting of unlawful, unauthorized or inappropriate information system activity. So basically, we're gonna have an audit log, and we're gonna protect that audit log from modification
will determine how long it needs to be retained. And ultimately, we're gonna make sure that it audits enough information to assist us with monitoring
any sort of investigation efforts so that we can track any sort of inappropriate behavior or inappropriate system activity. And then the second element, we're gonna ensure the actions of individual information system Users
can be uniquely traced to those users so that they can be held accountable for their actions.
So when an activity happens, I want to be able to trace it right back to a specific individual. This goes back to what I had talked about earlier. How we can't share accounts if you've got three people using the same account sales user. Well, one of those individuals does something in modifies, Ah,
or uses special permissions or whatever. We can't track it back to the individual responsible, so we want that separation
for individual accounts.

