Professional Documents
Culture Documents
System Administrator Checklist
System Administrator Checklist
Daily
Review Audit logs
Tasks Check application log for warning and error messages for service startup errors, application or database errors and unauthorized application installs Check security log for warning and error messages for invalid logons, unauthorized user creating, opening or deleting files Check system log for warning and error messages for hardware and network failures Check web/database/application logs for warning and error messages Check directory services log on domain controllers Report suspicious activity to IAO Tools !indows "vent #iewer
!eekly
Archive Audit logs
Tasks Archive audit logs to a media device with one year retention
(erform file search on system checking for documents containing words such as /password/, /passwd/, /pwd/, etc
*onthly
Perform Self Assessment Security Review
Tasks Review technology checklist for any changes Run current security review tool Import results into #ulnerability +anagement 'ystem 5#+'7 Downloads http3//iase*disa*mil $o$ IA "nterprise,wide &ools and 'oftware3 8old $isk 5*mil only7 http3//iase*disa*mil IA 'ub9ect +atter Areas3 'ecurity &echnical Implementation 8uides '&I8'3 'ecurity Readiness Review "valuation 'cripts Tools !indows $I'A :'O 8old $isk and 'cripts e"ye Retina 'canner Citadel 1ercules Remediation &ool Tools )4I; $I'A :'O 'cripts e"ye Retina 'canner Citadel 1ercules Remediation &ool
+uarterly
Test backup/restore procedures
Tasks Restore backup files to a test system to verify procedures and files
Annually
Change Service Account passwords
Tasks !ork with appropriate application administrator to ensure password changes for service accounts such as database accounts, application accounts and other service accounts are implemented
As Re-uired
Test Patches and 'otfi.es $nstall Patches and 'otfi.es Schedule Downtime for Reboots Apply /S upgrades and service packs Create/maintain user and groups accounts Set user and group security
Review and update SSAA "pdate #*S for Asset Changes "pdate #*S for $A#*s