Seranglah daku@Honeypot4fun.org

Friday, 9 May 2014

20 Kontrol Keamanan

Ada 20 kontrol keamanan yang wajib di implementasi menurut SANS:

  1: Inventory of Authorized and Unauthorized Devices
  • 2: Inventory of Authorized and Unauthorized Software
  • 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
  • 4: Continuous Vulnerability Assessment and Remediation
  • 5: Malware Defenses
  • 6: Application Software Security
  • 7: Wireless Access Control
  • 8: Data Recovery Capability
  • 9: Security Skills Assessment and Appropriate Training to Fill Gaps
  • 10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
  • 11: Limitation and Control of Network Ports, Protocols, and Services
  • 12: Controlled Use of Administrative Privileges
  • 13: Boundary Defense
  • 14: Maintenance, Monitoring, and Analysis of Audit Logs
  • 15: Controlled Access Based on the Need to Know
  • 16: Account Monitoring and Control
  • 17: Data Protection
  • 18: Incident Response and Management
  • 19: Secure Network Engineering
  • 20: Penetration Tests and Red Team Exercises
    • Posted by Hadi Syahrial at 00:17
    Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest

    No comments:

    Post a Comment

    Newer Post Older Post Home
    Subscribe to: Post Comments (Atom)

    Blog Archive

    • ▼  2014 (7)
      • ►  June (2)
      • ▼  May (2)
        • Security Guides
        • 20 Kontrol Keamanan
      • ►  April (1)
      • ►  February (2)
    • ►  2013 (14)
      • ►  July (3)
      • ►  May (1)
      • ►  April (2)
      • ►  February (4)
      • ►  January (4)
    • ►  2012 (3)
      • ►  December (3)

    About Me

    My photo
    Hadi Syahrial
    My name is Hadi Syahrial. I am editor in chief of a journal named ICT Review and Buletin Teknologi dan Keamanan Informasi (BTKI).
    View my complete profile
    Awesome Inc. theme. Powered by Blogger.