Security Checks Layer
Using the tests associated with the Security Checks Layer (see Figure 1), you can monitor the following:
-
the number of modified files/folders
-
number of recently scheduled tasks
-
number of new local user accounts created
-
number of new files added to root folder
-
number of recently installed programs and windows services
-
number of disabled services running
-
number of windows services with vulnerable permissions
-
number of unquoted windows services
-
number of suspicious processes
Figure 1 : The list of tests associated with the Security Checks Layer
