Name. Description. Rationale
|
|
- Elvin Phillips
- 8 years ago
- Views:
Transcription
1 Cmplliiance Cmpnentt Descriptin Ratinale Benefits List the Dmain List the Discipline List the Technlgy Area List Prduct Cmpnent Dcument the Cmpliance Cmpnent Type Cmpnent Sub-type DEEFFI INITION Hst-Based Intrusin Detectin Systems (HIDS) Hst-Based Intrusin Detectin Systems (HIDS) perate n infrmatin cllected frm within an individual cmputer system. This vantage pint allws HIDS t analyze activities t determine exactly which prcesses and users are invlved in an attack n a particular system r hst. HIDS can see the utcme f an attempted attack, as they can directly access and mnitr the data files and perating system prcesses targeted by the attack. The first step in delivering an efficient and secure intrusin prtectin strategy is accurately detecting all pssible threats. T achieve this gal, multiple detectin methds including HIDS shuld be emplyed t ensure cmprehensive cverage. The failure t secure any State f Missuri hst system with HIDS puts agencies at a much greater risk f lss. A single attack can cst millins f dllars in time spent recvering frm the attack and liability fr cmprmised data and hardware. The damage frm an attack t State f Missuri services can als include incnvenience t citizens and the lss f public cnfidence. HIDS can detect attacks that cannt be seen by a Netwrk-Based IDS since they mnitr events lcal t a hst. HIDS can ften perate in an envirnment where netwrk traffic is encrypted. HIDS are unaffected by switched netwrks. HIDS can detect, and in sme cases prevent, attacks that invlve sftware integrity breaches, such as Trjan Hrses. HIDS have the ability t mnitr lcal files fr any changes r mdificatins. HIDS can see the utcme f an attempted attack since they can directly access and mnitr the data files and perating system prcesses targeted by the attack. ASSSSOCI IATEED ARCHITEECTUREE LLEEVEELLSS Security Technical Cntrls Intrusin Detectin Systems Guideline COMPPLLI IANCEE COMPPONEENT TYPPEE
2 COMPPLLI IANCEE DEETAI ILL General HIDS Requirements Administratrs shall be trained n the IDS befre implementatin. Despite vendr claims f ease f use, training and/r experience are abslutely necessary t manage any IDS. It is preferred t have the HIDS cntrlled directly frm a central lcatin(s). Hwever, the HIDS may be agent-based where respnse decisins are made at the hst. IDS administratrs shall be able t create r change plicies easily. State the Guideline, Standard r Legislatin HIDS Deplyment Requirements HIDS shall be deplyed in cnjunctin with Netwrk-Based IDS t fully prtect the system. It is recmmended that rganizatins install the Netwrk-Based IDS first, fllwed by the HIDS installatin n critical servers. Once administratrs are familiar with the HIDS, it may be installed n the remainder f the rganizatin s hsts. HIDS shall be installed n any hst where sensitive r critical infrmatin is stred. It is preferred t install IDS Management sftware n a separate system frm the target hst being mnitred. It is preferred t have the HIDS use an agent-manager (server) architecture, where plicy is created and mdified n the manager and autmatically distributed t all agents. It is preferred that hst agents pll the manager at peridic intervals fr plicy changes r new sftware updates. HIDS Analysis Requirements HIDS shall utilize infrmatin frm perating system audit trails and system lgs. HIDS shall have easy-t-use tls t analyze the lgs. HIDS shall detect, and preferably prevent, the fllwing: System scanning (prbing the target with different kinds f packets t garner infrmatin abut the system, such as tplgy, active hsts, perating systems and sftware in use), Denial f Service (DS) (slw r shut dwn targeted systems r hsts), and Penetratin (unauthrized acquisitin and/r alteratin f system privileges, resurces, r data). HIDS shall use Misuse Detectin methds (matching a predefined pattern f events describing an attack) and may als include Anmaly Detectin (abnrmal, unusual behavir) cmpnents. Administratrs shall fllw a schedule fr checking the results f the HIDS t ensure attackers have nt mdified the system.
3 HIDS Respnse Requirements HIDS shall respnd in real-time. It is preferred that HIDS prvide active respnses t intrusins by: Cllecting additinal infrmatin: Turning up the number f events lgged, r Capturing all packets, nt just thse targeting a particular prt r system. Changing the envirnment: Terminating the cnnectin, r Recnfiguring ruters and firewalls t: Blck packets frm the intruder s IP address, Blck netwrk prts, prtcls r services, r Sever all cnnectins that use certain netwrk interfaces. HIDS administratrs shall wrk clsely with ruter and firewall administratrs when creating rules fr ruters and firewalls t ensure intruders cannt abuse the feature t deny access t legitimate users. HIDS may prvide passive respnses requiring subsequent human actin t intrusins by: Generating alarms and ntificatins with ppup windws, cellular phnes, pagers and , r Reprting alarms and alerts using SNMP traps and plug-ins t central netwrk management cnsles. All HIDS cmmunicatins shall be secure and use encrypted tunnels r ther cryptgraphic measures HIDS shall create utput with the fllwing infrmatin fr each intrusin detected: Time/date Sensr IP address Specific attack name Surce and destinatin IP addresses Surce and destinatin prt numbers Netwrk prtcl used Descriptin f the attack type Attack severity level Type f lss expected Type f vulnerability explited Input validatin (buffer verflw r bundary cnditin) Access validatin (faulty access cntrl mechanism) Exceptinal cnditin Envirnmental (unexpected interactin with an applicatin and the perating system r between tw applicatins) Hst Cnfiguratin
4 Race (delay between the time a system checks t see if an peratin is allwed and the time it perfrms the peratin) Design Sftware types and versins vulnerable Patch infrmatin t cunter the attack References t advisries abut the attack r vulnerability It is preferred that HIDS reprts cmbine redundant attack entries and make attacks f highest imprtance stand ut. NIST SP ( Intrusin Detectin Systems (IDS), Dcument Surce Reference # NIST SP ( CERT Guide t System and Netwrk Security Practices ( Standard Organizatin Website Cntact Infrmatin Cntact Infrmatin Gvernment Bdy Natinal Institute f Standards and Technlgy (NIST), Cmputer Security Resurce Center Website (CSRC) CVE Vulnerability Search n ICAT Metabase inquiries@nist.gv List all Keywrds KEEYWORDSS Hney Pt, intrusin, cracker, buffer verflws, passwrds, sniffing, explit, denial-f-service, Java, ActiveX, SMURF, DNS, prbes COMPPONEENT CLLASSSSI IFFI ICATION Prvide the Classificatin Emerging Current Twilight Sunset Ratinale fr Cmpnent Classificatin Dcument the Ratinale fr Cmpnent Classificatin Dcument the Cnditinal Use Restrictins Dcument the Migratin Strategy Dcument the Psitin Statement n Impact Cnditinal Use Restrictins Migratin Strategy Impact Psitin Statement
5 CURREENT SSTATUSS Prvide the Current Status) In Develpment Under Review Apprved Rejected AUDIT TRAILL Creatin Date 04/03/2003 Date Accepted / Rejected 05/14/2003 Reasn fr Rejectin Last Date Reviewed Reasn fr Update Last Date Updated
Name. Description. Rationale
Complliiance Componentt Description DEEFFI INITION Network-Based Intrusion Detection Systems (NIDS) Network-Based Intrusion Detection Systems (NIDS) detect attacks by capturing and analyzing network traffic.
More informationCOPIES-F.Y.I., INC. Policies and Procedures Data Security Policy
COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus
More informationVersion: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013
Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch
More informationVersion: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013
Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004E Payment Card Industry (PCI) Netwrk Security (prpsed) 01.1 Purpse The purpse f this Netwrk
More informationInformation Services Hosting Arrangements
Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based
More informationA96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015
A96 CALA Plicy n the use f Cmputers in Accredited Labratries Revisin 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries TABLE OF CONTENTS TABLE OF CONTENTS... 1 CALA POLICY
More informationChristchurch Polytechnic Institute of Technology Access Control Security Standard
CPIT Crprate Services Divisin: ICT Christchurch Plytechnic Institute f Technlgy Access Cntrl Security Standard Crprate Plicies & Prcedures Sectin 1: General Administratin Dcument CPP121a Principles Infrmatin
More informationPENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK
Department f Health and Human Services OFFICE OF INSPECTOR GENERAL PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Inquiries abut this reprt may be addressed t the Office f Public Affairs
More information2. When logging is used, which severity level indicates that a device is unusable?
Last updated by Admin at March 3, 2015. 1. What are the mst cmmn syslg messages? thse that ccur when a packet matches a parameter cnditin in an access cntrl list link up and link dwn messages utput messages
More informationState of Wisconsin. File Server Service Service Offering Definition
State f Wiscnsin File Server Service Service Offering Definitin Dcument Revisin Histry Date Versin Creatr Ntes 2/16/2008 1.0 JD Urfer First pass 2/16/2008 2.0 Tm Runge Editing changes 2/19/2009 2.1 Tm
More informationTrustED Briefing Series:
TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers
More informationFirewall Protection Profile
samhällsskydd ch beredskap 1 (10) ROS-ISÄK Rnny Janse 010-2404426 rnny.janse@msb.se Firewall Prtectin Prfile Extended Package: NAT samhällsskydd ch beredskap 2 (10) Innehållsförteckning 1. Intrductin...
More informationJunos Pulse Instructions for Windows and Mac OS X
Juns Pulse Instructins fr Windws and Mac OS X When yu pen the Juns client fr the first time yu get the fllwing screen. This screen shws yu have n cnnectins. Create a new cnnectin by clicking n the + icn.
More informationGUIDANCE FOR BUSINESS ASSOCIATES
GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.
More informationDatasheet. PV4E Management Software Features
PV4E Management Sftware Features PV4E is a field prven cmprehensive slutin fr real-time cntrl ver netwrk infrastructure and devices The new and refreshed Graphic User Interface (GUI) is nw even mre attractive,
More informationManaged Firewall Service Definition. SD007v1.1
Managed Firewall Service Definitin SD007v1.1 Managed Firewall Service Definitin Service Backgrund It is imprtant t nte that the functin f any firewall service is t filter traffic cming int the netwrk (als
More informationSystems Support - Extended
1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets
More informationHIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337
HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders
More informationViPNet VPN in Cisco Environment. Supplement to ViPNet Documentation
ViPNet VPN in Cisc Envirnment Supplement t ViPNet Dcumentatin 1991 2015 Inftecs Americas. All rights reserved. Versin: 00121-04 90 02 ENU This dcument is included in the sftware distributin kit and is
More informationWireless Light-Level Monitoring
Wireless Light-Level Mnitring ILT1000 ILT1000 Applicatin Nte Wireless Light-Level Mnitring 1 Wireless Light-Level Mnitring ILT1000 The affrdability, accessibility, and ease f use f wireless technlgy cmbined
More informationSecurity Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview
Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the
More informationServ-U Distributed Architecture Guide
Serv-U Distributed Architecture Guide Hrizntal Scaling and Applicatin Tiering fr High Availability, Security, and Perfrmance Serv-U Distributed Architecture Guide v14.0.1.0 Page 1 f 16 Intrductin Serv-U
More informationFY-2006 Networking and Security Engineering and Operations NASA Task TM: Richard Kurak
FY-2006 Task A-03: Netwrking and Security Engineering and Operatins NASA Task TM: Richard Kurak Task Summary: The Office f Chief Infrmatin Office (OCIO) is respnsible fr prviding ttal cmmunicatins capabilities
More informationHIPAA HITECH ACT Compliance, Review and Training Services
Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical
More informationRSA-Pivotal Security Big Data Reference Architecture RSA & Pivotal combine to help security teams detect threats quicker and speed up response
RSA-Pivtal Security Big Data Reference Architecture RSA & Pivtal cmbine t help security teams detect threats quicker and speed up respnse ESSENTIALS RSA and Pivtal are cmbining t help custmers get: Better
More informationCOURSE DETAILS. Introduction to Ethical Hacking. FootPrinting. What is Hacking. Who is a Hacker. Skills of a Hacker.
COURSE DETAILS Intrductin t Ethical Hacking What is Hacking Wh is a Hacker Skills f a Hacker Types f Hackers Reasns fr Hacking Wh are at the risk f Hacking attacks Effects f Cmputer Hacking n an rganizatin
More informationScaleIO Security Configuration Guide
ScaleIO Security Cnfiguratin Guide 1 Intrductin This sectin prvides an verview f the settings available in ScaleIO t ensure secure peratin f the prduct: Security settings are divided int the fllwing categries:
More informationFirst Global Data Corp.
First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First
More informationImproved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1
Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues
More informationPOLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014
State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)
More informationPersonal Data Security Breach Management Policy
Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner
More informationMANAGED VULNERABILITY SCANNING
Abut SensePst SensePst is an independent and bjective rganisatin specialising in infrmatin security cnsulting, training, security assessment services and IT Vulnerability Management. SensePst is abut security.
More informationUniversity of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments
University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department
More informationPreparing to Deploy Reflection : A Guide for System Administrators. Version 14.1
Preparing t Deply Reflectin : A Guide fr System Administratrs Versin 14.1 Table f Cntents Table f Cntents... 2 Preparing t Deply Reflectin 14.1:... 3 A Guide fr System Administratrs... 3 Overview f the
More informationSecurity Information and Event Management Project
Security Infrmatin and Event Management Prject Prpsal Submissin: Mr. Ken Fster 1 Cntents Recmmendatin:... 3 What is Security Infrmatin and Event Management:... 3 Business Case fr SEIM Deplyment:... 3 Cre
More informationSecurity Standard for General Information Systems
Ohi University Security Standard fr General Infrmatin Systems A Standard fr the Cnfiguratin and Operatin f Infrmatin Systems at Ohi University System Security Wrking Grup 10/24/2008 Security Standard fr
More informationService Level Agreement (SLA) Hosted Products. Netop Business Solutions A/S
Service Level Agreement (SLA) Hsted Prducts Netp Business Slutins A/S Cntents 1 Service Level Agreement... 3 2 Supprt Services... 3 3 Incident Management... 3 3.1 Requesting service r submitting incidents...
More informationResearch Report. Abstract: Advanced Malware Detection and Protection Trends. September 2013
Research Reprt Abstract: Advanced Malware Detectin and Prtectin Trends By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm, Senir Prject Manager September 2013 2013 by The Enterprise Strategy Grup,
More informationState of Wisconsin Division of Enterprise Technology (DET) Distributed Database Hosting Service Offering Definition (SOD)
State f Wiscnsin Divisin f Enterprise Technlgy (DET) Distributed Database Hsting Service Offering Definitin (SOD) Distributed Database Hsting SOD Page 1 12/9/2010 Dcument Revisin Histry (Majr Pst Publishing
More informationChapter 7 Business Continuity and Risk Management
Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity
More informationCNS-205: Citrix NetScaler 11 Essentials and Networking
CNS-205: Citrix NetScaler 11 Essentials and Netwrking Overview The bjective f the Citrix NetScaler 11 Essentials and Netwrking curse is t prvide the fundatinal cncepts and skills necessary t implement,
More informationSaaS Listing CA Cloud Service Management
SaaS Listing CA Clud Service Management 1. Intrductin This dcument prvides standards and features that apply t the CA Clud Service Management (CSM) SaaS ffering prvided t the Custmer and defines the parameters
More informationHelp Desk Level Competencies
Help Desk Level Cmpetencies Level 1 Take user calls and manage truble tickets Ability t staff and manage the rganizatins helpdesk and effectively respnd t rutine custmer calls Ability t use prper grammar
More informationEA-POL-015 Enterprise Architecture - Encryption Policy
Technlgy & Infrmatin Services EA-POL-015 Enterprise ure - Encryptin Plicy Authr: Craig Duglas Date: 17 March 2015 Dcument Security Level: PUBLIC Dcument Versin: 1.0 Dcument Ref: EA-POL-015 Dcument Link:
More informationEvaluation Report. 29 May 2013. Prepared by ICSA Labs 1000 Bent Creek Blvd., Suite 200 Mechanicsburg, PA 17050 www.icsalabs.com
Plycm RealPresence Access Directr 29 May 2013 Prepared by ICSA Labs 1000 Bent Creek Blvd., Suite 200 Mechanicsburg, PA 17050 www.icsalabs.cm Table f Cntents Executive Summary... 1 System Cmpnents... 3
More informationVulnerability Management:
Vulnerability Management: Creating a Prcess fr Results Kyle Snavely Veris Grup, LLC Summary Organizatins increasingly rely n vulnerability scanning t identify risks and fllw up with remediatin f thse risks.
More informationHow To Install An Orin Failver Engine On A Network With A Network Card (Orin) On A 2Gigbook (Orion) On An Ipad (Orina) Orin (Ornet) Ornet (Orn
SlarWinds Technical Reference Preparing an Orin Failver Engine Installatin Intrductin t the Orin Failver Engine... 1 General... 1 Netwrk Architecture Optins and... 3 Server Architecture Optins and... 4
More informationVCU Payment Card Policy
VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this
More informationSecurely Managing Cryptographic Keys used within a Cloud Environment
Securely Managing Cryptgraphic Keys used within a Clud Envirnment Dr. Sarbari Gupta sarbari@electrsft-inc.cm 703-437-9451 ext 12 2012 NIST Cryptgraphic Key Management Wrkshp September 10-11, 2012 Intrductin
More informationCorporate Account Takeover & Information Security Awareness
Crprate Accunt Takever & Infrmatin Security Awareness What is Crprate Accunt Takever? A fast grwing electrnic crime where thieves typically use sme frm f malware t btain lgin credentials t Crprate Online
More informationOracle Cloud Enterprise Hosting and Delivery Policies
Oracle Clud Enterprise Hsting and Delivery Plicies Statement f Changes Versin 1.5, 6/01/2015 This dcument utlines changes made t the Oracle Clud Enterprise Hsting and Delivery Plicies dated December 1,
More informationSPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010
OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity
More informationPCI - Why You Need to be Compliant When Accepting Credit Card Payments. Agenda. Breaches in the Headlines. Breach Events & Commonalities
PCI - Why Yu Need t be Cmpliant When Accepting Credit Card Payments Tuesday, March 27, 2012 Agenda Breach Events & Cmmnalities Evlutin f PCI PCI Requirements Risks f Nn-cmpliance Industry Initiatives t
More informationLicensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite
Vlume Licensing brief Licensing the Cre Client Access License (CAL) Suite and Enterprise CAL Suite Table f Cntents This brief applies t all Micrsft Vlume Licensing prgrams. Summary... 1 What s New in This
More informationMobile Device Manager Admin Guide. Reports and Alerts
Mbile Device Manager Admin Guide Reprts and Alerts September, 2013 MDM Admin Guide Reprts and Alerts i Cntents Reprts and Alerts... 1 Reprts... 1 Alerts... 3 Viewing Alerts... 5 Keep in Mind...... 5 Overview
More informationNERC-CIP Cyber Security Standards Compliance Documentation
Cmpliance Dcumentatin Briv OnAir 8/3/20154 Page 2 Overview This dcument is intended t be the primary surce f infrmatin fr Briv s cmpliance with the Nrth America Electric Reliability Crpratin (NERC) reliability
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme. Validation Report
Natinal Infrmatin Assurance Partnership Cmmn Criteria Evaluatin and Validatin Scheme Validatin Reprt Micrsft Windws 8, Micrsft Windws RT, Micrsft Windws Server 2012 IPsec VPN Client TM Reprt Number: CCEVS-VR-VID10529-2013
More informationInstallation Guide Marshal Reporting Console
Installatin Guide Installatin Guide Marshal Reprting Cnsle Cntents Intrductin 2 Supprted Installatin Types 2 Hardware Prerequisites 2 Sftware Prerequisites 3 Installatin Prcedures 3 Appendix: Enabling
More informationUnderstand Business Continuity
Understand Business Cntinuity Lessn Overview In this lessn, yu will learn abut: Business cntinuity Data redundancy Data availability Disaster recvery Anticipatry Set What methds can be emplyed by a system
More informationSystem Business Continuity Classification
System Business Cntinuity Classificatin Business Cntinuity Prcedures Infrmatin System Cntingency Plan (ISCP) Business Impact Analysis (BIA) System Recvery Prcedures (SRP) Cre Infrastructure Criticality
More information9 ITS Standards Specification Catalog and Testing Framework
New Yrk State ITS Standards Specificatin Develpment Guide 9 ITS Standards Specificatin Catalg and Testing Framewrk This chapter cvers cncepts related t develpment f an ITS Standards Specificatin Catalg
More informationUsing Sentry-go Enterprise/ASPX for Sentry-go Quick & Plus! monitors
Using Sentry-g Enterprise/ASPX fr Sentry-g Quick & Plus! mnitrs 3Ds (UK) Limited, February, 2014 http://www.sentry-g.cm Be Practive, Nt Reactive! Intrductin Sentry-g Enterprise Reprting is a self-cntained
More informationRequest for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply
Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t
More informationUnified Infrastructure/Organization Computer System/Software Use Policy
Unified Infrastructure/Organizatin Cmputer System/Sftware Use Plicy 1. Statement f Respnsibility All emplyees are charged with the security and integrity f the cmputer system. Emplyees are asked t help
More informationServ-U Distributed Architecture Guide
Serv-U Distributed Architecture Guide Hrizntal Scaling and Applicatin Tiering fr High Availability, Security, and Perfrmance Serv-U Distributed Architecture Guide v15.1.2.0 Page 1 f 20 Intrductin Serv-U
More informationESSS Vendor Evaluation Form WhiteCanyon Software
WhiteCanyn Sftware U.S. Department f Veterans Affairs Office f Infrmatin and Technlgy Infrmatin Prtectin and Risk Management Field Security Operatins Enterprise Security Slutin Service Date f Meeting:
More informationCitrix XenApp 6.5 Basic Administration
Citrix XenApp 6.5 Basic Administratin Descriptin: Days: 5 Prerequisites: Citrix XenApp 6.5 Basic Administratin training curse prvides the fundatin necessary fr administratrs t effectively centralize and
More informationPENETRATION TEST OF THE FOOD COMPUTER NETWORK
Department f Health and Human Services OFFICE OF INSPECTOR GENERAL PENETRATION TEST OF THE FOOD AND DRUG ADMINISTRATION'S COMPUTER NETWORK Inquiries abut this reprt may be addressed t the Office fpublic
More informationComtrex Systems Corporation. CISP/PCI Implementation Guidance for Odyssey Suite
CISP/PCI Implementatin Guidance fr Odyssey Suite Applicable Applicatin Versin This dcument supprts the fllwing applicatin versin: Odyssey Suite Versin 2.0 Intrductin Systems which prcess payment transactins
More informationAppendix A Page 1 of 5 DATABASE TECHNICAL REQUIREMENTS AND PRICING INFORMATION. Welcome Baby and Select Home Visitation Programs Database
Appendix A Page 1 f 5 The items in the list f database technical requirements belw was develped thrugh several meetings between First 5 LA Research and Evaluatin, Infrmatin Technlgy, and Prgram Develpment
More informationMaaS360 Cloud Extender
MaaS360 Clud Extender Installatin Guide Cpyright 2012 Fiberlink Cmmunicatins Crpratin. All rights reserved. Infrmatin in this dcument is subject t change withut ntice. The sftware described in this dcument
More informationAccess the SQLsafe Release Notes
Access the SQLsafe Release Ntes SQLsafe is a pwerful backup and recvery slutin that greatly reduces backup and recvery time, minimizes strage requirements, and prvides enterprise management capabilities
More informationBest Practices for Optimizing Performance and Availability in Virtual Infrastructures
Best Practices fr Optimizing Perfrmance and Availability in Virtual Infrastructures www.nimsft.cm Best Practices fr Optimizing Perfrmance and Availability in Virtual Infrastructures PAGE 2 Table f Cntents
More informationOFFICIAL JOB SPECIFICATION. Network Services Analyst. Network Services Team Manager
JOB SPECIFICATION FUNCTION JOB TITLE REPORTING TO GRADE WORK PATTERN LOCATION IT & Digital Netwrk Services Analyst Netwrk Services Team Manager Band D Full-time Birmingham TRAVEL REQUIRED Occasinally ROLE
More informationUBC Incident Response Plan V1.5
UBC Incident Respnse Plan V1.5 Cntents 1. Ratinale... 2 2. Objective... 2 3. Applicatin... 2 4. Reprting a Cmputer Security Incident... 2 5. Managing the Security Incident... 2 5.1. All Incidents... 2
More informationSupersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5
Plicy: 13.01 SUBJECT: INTERNET USAGE Supersedes: DPS Plicy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 f 5 1.0 POLICY PURPOSE Detrit Public Schls (DPS) Internet
More informationService Level Agreement Distributed Hosting and Distributed Database Hosting
Office f Infrmatin Technlgy Services Service Level Agreement Distributed Hsting and Distributed Database Hsting Nvember 12, 2013 Service Descriptin Distributed Hsting and Distributed Database Hsting Service
More informationSBClient and Microsoft Windows Terminal Server (Including Citrix Server)
SBClient and Micrsft Windws Terminal Server (Including Citrix Server) Cntents 1. Intrductin 2. SBClient Cmpatibility Infrmatin 3. SBClient Terminal Server Installatin Instructins 4. Reslving Perfrmance
More informationHP Email Archiving software for Microsoft Exchange
HP Email Archiving sftware fr Micrsft Exchange PST Imprt Tls Cmpnents and Deplyment Best Practices Table f Cntents Overview... 2 Prerequisites... 2 Cmpnents... 2 Archive Credentials... 2 PST Lader... 2
More informationVersion Date Comments / Changes 1.0 January 2015 Initial Policy Released
Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance
More informationEndpoint Protection Solution Test Plan
Endpint Prtectin Slutin Test Plan This test plan is intended t lay ut high-level guidelines fr testing and cmparing varius endpint prtectin and investigatin slutins. It specifies test envirnments, cnnectivity
More informationBit9 Security Solution Technology Whitepaper Date: September 17, 2015
P a g e 1 Bit9 Security Slutin Technlgy Whitepaper Date: September 17, 2015 Atlanta Bstn Dallas Denver Ls Angeles Manchester (U.K.) New Yrk San Francisc Seattle Washingtn, D.C. 877.224.8077 inf@calfire.cm
More informationAvePoint Perimeter 1.6. Administrator Guide
AvePint Perimeter 1.6 Administratr Guide Issued May 2016 Table f Cntents What s New in this Guide... 10 Abut AvePint Perimeter... 11 AvePint Perimeter Pr Features... 11 Licensing AvePint Perimeter... 11
More informationRSA Authentication Manager 5.2 and 6.1 Security Best Practices Guide. Version5
RSA Authenticatin Manager 5.2 and 6.1 Security Best Practices Guide Versin5 Cntact Infrmatin G t the RSA crprate web site fr reginal Custmer Supprt telephne and fax numbers: www.rsa.cm. Trademarks RSA,
More informationNuance Healthcare Services Project Delivery Methodology
NUANCE PROFESSIONAL SERVICES Nuance Healthcare Services 2008 Nuance Cmmunicatins, Inc. All rights reserved. Nuance Healthcare Services 1 INTRODUCTION This dcument describes the prject management methdlgy
More informationSession 9 : Information Security and Risk
INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin
More informationABELMed Platform Setup Conventions
ABELMed Platfrm Setup Cnventins 1 Intrductin 1.1 Purpse f this dcument The purpse f this dcument is t prvide prspective ABELMed licensees and their hardware vendrs with the infrmatin that they will require
More informationSystem Business Continuity Classification
Business Cntinuity Prcedures Business Impact Analysis (BIA) System Recvery Prcedures (SRP) System Business Cntinuity Classificatin Cre Infrastructure Criticality Levels Critical High Medium Lw Required
More informationLearn More Cloud Extender Requirements Cheat Sheet
MaaS360.cm > Learn Mre Learn Mre Clud Extender Requirements Cheat Sheet OVERVIEW This dcument defines all requirements t ensure a successfully installatin f the Clud Extender t enable use f ActiveSync
More informationReadme File. Purpose. Introduction to Data Integration Management. Oracle s Hyperion Data Integration Management Release 9.2.
Oracle s Hyperin Data Integratin Management Release 9.2.1 Readme Readme File This file cntains the fllwing sectins: Purpse... 1 Intrductin t Data Integratin Management... 1 Data Integratin Management Adapters...
More informationCHANGE MANAGEMENT STANDARD
The electrnic versin is current, r when printed and stamped with the green cntrlled dcument stamp. All ther cpies are uncntrlled. DOCUMENT INFORMATION Descriptin Dcument Owner This standard utlines the
More informationIT Account and Access Procedure
IT Accunt and Access Prcedure Revisin Histry Versin Date Editr Nature f Change 1.0 3/23/06 Kelly Matt Initial Release Table f Cntents 1.0 Overview... 1 2.0 Purpse... 1 3.0 Scpe... 1 4.0 Passwrds... 1 4.1
More informationexpertise hp services valupack consulting description security review service for Linux
expertise hp services valupack cnsulting descriptin security review service fr Linux Cpyright services prvided, infrmatin is prtected under cpyright by Hewlett-Packard Cmpany Unpublished Wrk -- ALL RIGHTS
More informationPROTIVITI FLASH REPORT
PROTIVITI FLASH REPORT The PCI Security Standards Cuncil Releases PCI DSS Versin 3.2 May 9, 2016 On April 28, 2016, the PCI Security Standards Cuncil (PCI SSC) released PCI Data Security Standard (PCI
More informationROSS RepliWeb Operations Suite for SharePoint. SSL User Guide
ROSS RepliWeb Operatins Suite fr SharePint SSL User Guide Sftware Versin 2.5 March 18, 2010 RepliWeb, Inc., 6441 Lyns Rad, Ccnut Creek, FL 33073 Tel: (954) 946-2274, Fax: (954) 337-6424 E-mail: inf@repliweb.cm,
More informationesafe SmartSuite Release Notes
Cntent Security esafe SmartSuite Release Ntes Versin: 8.5.25.0 Release Ntes Issue Date: May 20, 2010 Abut this release These release ntes prvide a list f the latest additins t esafe SmartSuite. esafe SmartSuite
More informationTen Steps for an Easy Install of the eg Enterprise Suite
Ten Steps fr an Easy Install f the eg Enterprise Suite (Acquire, Evaluate, and be mre Efficient!) Step 1: Dwnlad the eg Sftware; verify hardware and perating system pre-requisites Step 2: Obtain a valid
More informationAn Approach To. Web Application Threat Modeling
An Apprach T Web Applicatin Threat Mdeling By Akash Shrivastava April 2008 Akash.InfSec@gmail.cm 1. Overview In present internet cmputing envirnment ne r the ther frm f security has becme a requirement
More informationInternet Service Definition. SD012v1.1
Internet Service Definitin SD012v1.1 Internet Service Definitin Service Overview InTechnlgy Internet Service is a permanent Internet cnnectivity slutin. The service cnnects custmers t the InTechnlgy natinal
More information