Bagi yang ingin mengetahui petunjuk bagaimana konfigurasi yang aman pada sistem, jaringan, dan lain-lain bisa lihat di website NSA.
http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/fact_sheets.shtml
Semoga bermanfaat!!
Sunday, 18 May 2014
Friday, 9 May 2014
20 Kontrol Keamanan
Ada 20 kontrol keamanan yang wajib di implementasi menurut SANS:
1: Inventory of Authorized and Unauthorized Devices
2: Inventory of Authorized and Unauthorized Software
3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
4: Continuous Vulnerability Assessment and Remediation
5: Malware Defenses
6: Application Software Security
7: Wireless Access Control
8: Data Recovery Capability
9: Security Skills Assessment and Appropriate Training to Fill Gaps
10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
11: Limitation and Control of Network Ports, Protocols, and Services
12: Controlled Use of Administrative Privileges
13: Boundary Defense
14: Maintenance, Monitoring, and Analysis of Audit Logs
15: Controlled Access Based on the Need to Know
16: Account Monitoring and Control
17: Data Protection
18: Incident Response and Management
19: Secure Network Engineering
20: Penetration Tests and Red Team Exercises
1: Inventory of Authorized and Unauthorized Devices
Subscribe to:
Posts (Atom)