Seranglah daku@Honeypot4fun.org

Friday, 9 May 2014

20 Kontrol Keamanan

Ada 20 kontrol keamanan yang wajib di implementasi menurut SANS:

  1: Inventory of Authorized and Unauthorized Devices
  • 2: Inventory of Authorized and Unauthorized Software
  • 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
  • 4: Continuous Vulnerability Assessment and Remediation
  • 5: Malware Defenses
  • 6: Application Software Security
  • 7: Wireless Access Control
  • 8: Data Recovery Capability
  • 9: Security Skills Assessment and Appropriate Training to Fill Gaps
  • 10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
  • 11: Limitation and Control of Network Ports, Protocols, and Services
  • 12: Controlled Use of Administrative Privileges
  • 13: Boundary Defense
  • 14: Maintenance, Monitoring, and Analysis of Audit Logs
  • 15: Controlled Access Based on the Need to Know
  • 16: Account Monitoring and Control
  • 17: Data Protection
  • 18: Incident Response and Management
  • 19: Secure Network Engineering
  • 20: Penetration Tests and Red Team Exercises
    • Posted by Hadi Syahrial at 00:17
    Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest

    No comments:

    Post a Comment

    Newer Post Older Post Home
    Subscribe to: Post Comments (Atom)

    Blog Archive

    • ▼  2014 (7)
      • ►  June (2)
      • ▼  May (2)
        • Security Guides
        • 20 Kontrol Keamanan
      • ►  April (1)
      • ►  February (2)
    • ►  2013 (14)
      • ►  July (3)
      • ►  May (1)
      • ►  April (2)
      • ►  February (4)
      • ►  January (4)
    • ►  2012 (3)
      • ►  December (3)

    About Me

    My photo
    Hadi Syahrial
    Hello and welcome to my blog! My name is Hadi Syahrial, and I’m the Editor-in-Chief of two academic journals: ICT Review and Buletin Teknologi dan Keamanan Informasi (BTKI). I’m also the founder of the Alsaintek Persada Wisesa Caraka Foundation (APWC), an organization dedicated to advancing education and training in the field of digital technology. Through this blog, I aim to share insights, ideas, and updates related to technology, digital education, and beyond. I hope you find something here that inspires or informs you.
    View my complete profile
    Awesome Inc. theme. Powered by Blogger.