  • SANS top 20

    What Are the Controls?
    The detailed Consensus Audit Guidelines are posted at http://www.sans.org/cag/ along with detailed control descriptions, examples of attacks they stop or mitigate, how to automate them, and how to test them. Below is the list of control names:

    Critical Controls Subject to Automated Measurement and Validation:

    1. Inventory of Authorized and Unauthorized Hardware
    2. Inventory of Authorized and Unauthorized Software
    3. Secure Configurations for Hardware and Software for Which Such Configurations Are Available
    4. Secure Configurations of Network Devices Such as Firewalls and Routers
    5. Boundary Defense
    6. Maintenance and Analysis of Complete Security Audit Logs
    7. Application Software Security
    8. Controlled Use of Administrative Privileges
    9. Controlled Access Based On Need to Know
    10. Continuous Vulnerability Testing and Remediation
    11. Dormant Account Monitoring and Control
    12. Anti-Malware Defenses
    13. Limitation and Control of Ports, Protocols and Services
    14. Wireless Device Control
    15. Data Leakage Protection

    Additional Critical Controls (not directly supported by automated measurement and validation):

    16. Secure Network Engineering
    17. Red Team Exercises
    18. Incident Response Capability
    19. Assured Data Back-Ups
    20. Security Skills Assessment and Training to Fill Gaps

    http://sec.chinabyte.com/465/12310465.shtml
    http://www.sans.org/critical-security-controls/
  • Original article: https://www.cnblogs.com/diyunpeng/p/4525690.html