Windows NT Security Audit Program Date: 04/11/03 Internal Audit Job Program and Record of Tests Number: PRT Control Detail Test Steps W/P Dispo- Sign Objective Ref sition Date Auditor Access • Request local administrator access to the NT server being reviewed. required • Obtain Hyena (or alternate software) for audit testing Objective Determine whether adequate internal controls exist to ensure an effective security management and system administration for NT environment. Background 1. Obtain an understanding of the overall system structure: • Identify the primary and backup domain controllers. • Identify other types of servers we have in the area reviewed: • File and print server • Web server • Database server • Remote Access server • Workstation • Identify the location of related servers and controllers. • Identify current trust relationships. • Obtain network diagrams • Obtain copy of Domain strategy. 2. Obtain the detailed components of the system environment by performing the following tasks: • Compile a list of the group’s machines, their primary functions, the domains or workgroups to which each machine is assigned, and whether the machines are running PDC/BDC or workstation. • Identify which domain or workgroup the computer is a member of. • Examine if the machines are using NTFS or FAT. To examine, double-click on the server of interest ⇒ Disk Space. Ensure all servers are set up NTFS to support ...