SOP 28 Failed User logins DWS Batch NGA Program

j3285092 34 views 9 slides Sep 17, 2024

About This Presentation

It is for Wipro NGA programs.


Slide Content

WIPRO NGA Program – DWS Batch
Capstone Project Presentation – 12 May 2024
www.rpsconsulting.in
Presented by – Anjali Sharma
Failed User logins: Investigating repeated failed user login attempts

2024 - RPS Consulting all rights reserved

TITLE: Failed User logins: Investigating repeated failed user login attempts.

PURPOSE: This SOP outlines the steps to be taken when investigating repeated failed user login attempts in order to maintain the security of the system or platform.

SCOPE: This SOP is applicable to all personnel who are authorized to manage servers in the Windows Server environment.

PROCEDURE: Investigating failed user login attempts using Event Viewer requires a systematic approach to identify potential security threats and take appropriate actions.

Step 1: You can use Event Viewer to see the logs and investigate events. Open Event Viewer in Active Directory and navigate to Windows Logs > Security.

The pane in the center lists all the events that have been set up for auditing. You will have to go through the registered events to look for failed logon attempts. Once you find them, you can right-click the event and select Event Properties for more details. In the window that opens, you can find the IP address of the device from which the logon was attempted.

Step 2: Identifying the root cause: Identify the source of the failed login attempts using available information from the alert. Check the IP address associated with the failed attempts for any signs of suspicious activity or known malicious behavior. Determine if there are any patterns in the login attempts, such as sequential usernames or common passwords.

Resolution for forgotten password: When a user has forgotten their password, follow these steps:

Log in to the domain as an administrator.

Open Server Manager and navigate to Tools. Under Tools, select Active Directory Users and Computers.

Step 2: In the domain (abc.local), right-click the user account that requires a password reset. Select Reset Password.

Step 3: Set a new password for the user.

Step 4: Confirm the password change and click OK.

Step 5: Notify the user of the new password.

3. Monitor Logs: Regularly monitor logs related to user login attempts across all relevant systems and platforms. Logs may include authentication logs, access logs, and event logs depending on the type of system.

4. Temporary Lockouts: If deemed necessary based on the investigation, implement temporary lockouts for the user account or IP address associated with the failed login attempts. Document the duration of the lockout and ensure it complies with security policies.

5. Enhanced Security Measures: Evaluate whether additional security measures such as multi-factor authentication (MFA) or password complexity requirements are needed to mitigate future risks. Implement any necessary changes to strengthen security controls.

6. User Notification: If a user account is affected by the investigation, notify the user about the failed login attempts and any temporary lockouts imposed on their account. Provide guidance on best practices for maintaining account security and offer assistance if needed.

7. Documentation and Reporting: Document the details of the investigation, including findings, actions taken, and any recommendations for improving security. Generate reports summarizing the investigation results and submit them to relevant stakeholders, such as IT management or compliance teams.

8. Review and Continuous Improvement: Regularly review the effectiveness of the investigation process and make adjustments as necessary based on emerging threats and lessons learned. Continuously improve security measures to enhance the resilience of the system against unauthorized access attempts.

VALIDATION: By following this SOP, the server administrator will be able to investigate repeated failed user login attempts.
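The Event Viewer review in Step 1 and the pattern check in Step 2 can also be done from PowerShell. The script below is an added example, not part of the original SOP: it reads failed logon events (Security event ID 4625), groups them by source IP address, and labels each source by pattern. The look-back window, both thresholds, the function names and the fallback sample records are assumptions made for illustration.

```powershell
# Added example (not from the SOP). Run elevated on the server whose Security log is reviewed.
$Hours = 24           # look-back window (assumed value)
$Threshold = 5        # failures from one source before it is flagged (assumed value)
$UserThreshold = 3    # distinct usernames from one source before it is flagged (assumed value)

function ConvertFrom-FailedLogonEvent {
    param([Parameter(ValueFromPipeline)]$LogRecord)
    process {
        # Event 4625 stores its details as <Data Name="..."> elements under EventData.
        $data = @{}
        foreach ($d in ([xml]$LogRecord.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        [pscustomobject]@{ Time = $LogRecord.TimeCreated; User = $data['TargetUserName']
                           IpAddress = $data['IpAddress']; LogonType = $data['LogonType'] }
    }
}

function Get-FailedLogonSummary {
    param([object[]]$Records, [int]$Threshold = 5, [int]$UserThreshold = 3)
    $Records | Group-Object IpAddress | ForEach-Object {
        $users = @($_.Group.User | Sort-Object -Unique)
        [pscustomobject]@{
            IpAddress     = $_.Name     # '-' or empty means a local logon with no network source
            Failures      = $_.Count
            DistinctUsers = $users.Count
            Users         = $users -join ','
            First         = ($_.Group.Time | Measure-Object -Minimum).Minimum
            Last          = ($_.Group.Time | Measure-Object -Maximum).Maximum
            # Many usernames from one address points to guessing across accounts;
            # repeated failures on one account fits a forgotten password or a targeted account.
            Pattern       = if ($users.Count -ge $UserThreshold) { 'many usernames from one source' }
                            elseif ($_.Count -ge $Threshold) { 'repeated failures on one account' }
                            else { 'below threshold' }
        }
    } | Sort-Object Failures -Descending
}

try {
    $filter = @{ LogName = 'Security'; Id = 4625; StartTime = (Get-Date).AddHours(-$Hours) }
    $records = @(Get-WinEvent -FilterHashtable $filter -ErrorAction Stop | ConvertFrom-FailedLogonEvent)
} catch {
    # No matching events or no access to the log: use constructed sample records
    # (documentation IP ranges, made-up usernames) so the summary can be tried offline.
    $now = Get-Date
    $records = @(
        1..6 | ForEach-Object { [pscustomobject]@{ Time = $now.AddMinutes(-$_); User = "user$_"; IpAddress = '203.0.113.10'; LogonType = '3' } }
        1..5 | ForEach-Object { [pscustomobject]@{ Time = $now.AddMinutes(-10 * $_); User = 'jdoe'; IpAddress = '198.51.100.7'; LogonType = '10' } }
    )
}
Get-FailedLogonSummary -Records $records -Threshold $Threshold -UserThreshold $UserThreshold | Format-Table -AutoSize
```

The resulting table can be attached to the investigation record described under Documentation and Reporting.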