Aside from the security related issues of file/print servers (i.e. passwords, ACL's, patches, permissions, services/ports etc) what else would you include in a file/print server audit of your guest servers that are running solely as file/print servers? I could do with like a top 10 issues that an audit of such servers would include, with security being just one.
And in your opinion how long would it take to do an audit per server? 2 hours, 1 day, 5 days? Whats a realistic time frame?
Is it common to ask for an audit of file/print servers, or pretty unheard of? It just seems to me a perhaps overlooked area of risk in that you can have highly sensitive data sat on file servers but there seems more drive towards application audits/wireless audits/voip etc. Is file/rpint typically pulled in with other areas in an audit, i.e. AD?