Computer Security Control Objectives.docx
Computer Security and Control Objectives
List of Control Objectives
Please find enclosed several control objectives that should help meet the minimum level of security and control of a computer network.
A. Desktop
∙ The user should be required to sign on to their computer with a user ID and password.
∙ The password for any server other than the personal computer should not be stored on the personal computer in any file in any format.
∙ Directory and files on the personal computer should be restricted to authorized users only.
∙ A legal notice should be displayed to inform the user of the sensitive nature of the information and their responsibility to keep it safe.
∙ The last authenticated user should not be displayed on the sign-on screen.
∙ A system policy should be in place that prevents the sharing of resources on the local Windows 95 workstation.
∙ A user policy should be applied to the Domain Users group, which removes any common icon groups from the Start Menu.
∙ A standard security and control configuration should be established and approved by management. The enforcement of the standard configuration should be controlled by a network management product through periodic inventory control.
∙ Standard applications should be established to reduce the errors and omissions that occur when supporting multiple end user configurations. In addition, the establishment of a standard application environment on the desktop should reduce the support and maintenance effort required.
∙ For the best overall security the Windows NT 4.0 Workstation operating system should be the recommended standard.
B. File Servers
∙ Should be physically secured
∙ Corporate authentication standards should be met
∙ Challenge Handshake Authentication Protocol (CHAP)
∙ Password length of at least 8 characters
∙ Password aging of 30 days
∙ Password minimum age of 1 day
∙ Password construction of a mixture of alpha and numeric characters
∙ Password history file is established
∙ Invalid sign-on attempts of 3 with the user account being locked after reaching this threshold
∙ Reset invalid sign-on attempts after 1440 minutes (one day)
∙ Lockout duration 3 days
∙ Lockout of user accounts for inactivity
∙ Re-evaluation of a user's privileges when a user's job status changes
∙ Corporate authorization standards should be met
∙ Guest account should be disabled
∙ Administration user account should be protected by passprop (Resource Kit), which will force the Administrator account to lock out after the same number of invalid attempts as any normal user. The difference is that even in this case the Administrator account can still sign on at the system console.
∙ Everyone group should have restricted directory access
∙ All other users and groups should only have the directory and file permissions required by their job responsibilities
∙ NTFS should be installed
∙ All group accounts should only have valid users as their members
∙ All user rights should be restricted to users that require this level of responsibility for their job function.
∙ Trusted Domains should be used sparingly
∙ All services should be removed unless required to operate the server
∙ Configure the protocol bindings between TCP/IP, NetBIOS, Server and Workstation services. By removing the bindings between NetBIOS and TCP/IP, the native file sharing services will not be accessible via TCP/IP and hence the Internet. These and other NetBIOS services will still be accessible via a local LAN-specific, non-routable protocol (e.g. NetBEUI).
∙ Corporate accountability standards should be met
∙ Adequate audit trails should be established for:
∙ Logon and logoffs
∙ File and object access
∙ User and group management
∙ Security policy changes
∙ Change control
∙ All changes to the operating environment should be properly tested and documented
∙ Backup
∙ An adequate backup schedule should be established
∙ Backup files should be stored in a secured off-site location
∙ Contingency planning
∙ An adequate contingency plan that allows the file server and the associated applications to be restored within a reasonable time frame (determined by a risk analysis and management approval).
∙ Service Packs
∙ Ensure that there is a mechanism to ensure that all devices including the File Server have the latest patches/service pack.
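The password and lockout values in the File Servers list can be checked mechanically. The following is an added example, not part of the original document: it parses account-policy text and reports every setting outside the listed values. It assumes input in the `Label:   value` layout that the Windows `net accounts` command prints, and it reads each listed value as an allowed range (for example, "lockout duration 3 days" as at least 4320 minutes); the function names and the sample text are constructed for illustration.

```python
import math
import re

# Allowed (low, high) range per setting; the ranges are this example's reading of the list.
BASELINE = {
    "Minimum password length": (8, math.inf),
    "Maximum password age (days)": (1, 30),
    "Minimum password age (days)": (1, math.inf),
    "Length of password history maintained": (1, math.inf),
    "Lockout threshold": (1, 3),
    "Lockout observation window (minutes)": (1440, math.inf),
    "Lockout duration (minutes)": (3 * 24 * 60, math.inf),
}
# Non-numeric values: "None" = feature off (0); "Never"/"Unlimited" = no limit.
WORDS = {"none": 0, "never": math.inf, "unlimited": math.inf}

def parse_policy(text):
    """Turn 'Label:   value' lines into {label: number}; skip anything else."""
    policy = {}
    for line in text.splitlines():
        m = re.match(r"^(.+?):\s+(\S+)\s*$", line)
        raw = m.group(2).lower() if m else ""
        if raw in WORDS or raw.isdigit():
            policy[m.group(1).strip()] = WORDS[raw] if raw in WORDS else int(raw)
    return policy

def audit(text):
    """Return sorted (setting, found, (low, high)) tuples for every failed control."""
    policy, findings = parse_policy(text), []
    for label, (low, high) in BASELINE.items():
        found = policy.get(label)  # a setting missing from the input also fails
        if found is None or not low <= found <= high:
            findings.append((label, found, (low, high)))
    return sorted(findings)

# Constructed sample in the style of `net accounts` output; not from a real host.
SAMPLE = """\
Minimum password age (days):                          0
Maximum password age (days):                          42
Minimum password length:                              8
Length of password history maintained:                None
Lockout threshold:                                    3
Lockout duration (minutes):                           Never
Lockout observation window (minutes):                 30
Computer role:                                        SERVER
"""

if __name__ == "__main__":
    for setting, found, (low, high) in audit(SAMPLE):
        print(f"FAIL {setting}: found {found}, allowed {low}..{high}")
```

A lockout duration of `Never` passes because the account stays locked until an administrator unlocks it, while a lockout threshold of `Never` fails because lockout is disabled.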
C. LAN & WAN
∙ Information that travels over the network should be classified as to a level of sensitivity. Based on this classification the network transmission should not permit the transfer of clear text sensitive data. This would include:
∙ Passwords
∙ Legal documents
∙ Data that is protected by state or federal law
∙ Where possible sensitive data transfer should be protected by using one of the following:
∙ CHAP - for user ID and password authentication
∙ Secured hubs
∙ Encryption
∙ Cisco's IPSec technology
∙ Redundancy should be built into the network to allow for uninterrupted network services.
∙ Vendor access should be clearly defined and controlled.
∙ Secured sign-on
∙ Audit trail of activity
∙ No administration rights on the production server
∙ No generic passwords (individual accountability)
∙ Controls should be in place to prevent session hijacking.
D. Network Components
∙ All network components should meet the following control objectives:
∙ Secured authentication (CHAP) for remote administration
∙ Proper security configuration
∙ SNMP alarms
∙ Access Control Lists (ACLs) if appropriate
∙ Audit trail of configuration changes
∙ Change control for configuration changes
∙ Testing
∙ Backup copy
∙ Secured dial-up access (CHAP) if present
∙ Physically secured to prevent theft or unauthorized access
E. Firewall
∙ The installed firewall(s) should meet the following control objectives:
∙ Secured authentication (CHAP) for remote administration
∙ Restricted list of users that can administrate the firewall
∙ Proper security configuration
∙ Rules
∙ Self-security checks such as Tripwire
∙ Audit trails of configuration changes
∙ Change control for configuration changes
∙ Testing
∙ Backup copy
∙ Operational configuration
∙ Connection tracking
∙ Prevention of IP spoofing and denial of service attacks
∙ Prevention of access to host computers by IP address
∙ Restriction to only required services
∙ Single point of network entry
∙ Violation reporting of unauthorized users
∙ Real-time alerts of security breaches
F. Proxy
∙ The installed proxy(ies) should meet the following control objectives:
∙ Secured authentication (CHAP) for remote administration
∙ Restricted list of users that administrate the proxy
∙ Proper security configuration
∙ Rules
∙ Self-security checks such as Tripwire
∙ Audit trails of configuration changes
∙ Change control for configuration changes
∙ Testing
∙ Backup copy
∙ Operational configuration
∙ Connection tracking
∙ Prevention of IP spoofing
∙ Prevention of access to host computers by IP address
∙ Restriction to only required services
∙ Blocking unwanted sites
F. Remote Communication Server
∙ Secured administration authentication process (CHAP)
∙ Secured user authentication process (CHAP)
∙ Should meet the authentication standards of the organization
∙ Should be physically secured
∙ Should contain audit trails of changes to configuration
∙ Change control for configuration changes
G. Single Sign On
∙ The bank should implement, if at all possible, a single sign-on solution for end users
∙ CiscoSecure may have the capability to meet this objective
H. Host Access
∙ All host access should use a secure authentication process (CHAP)
∙ All host access should meet the authentication standards of the Bank
∙ Only authorized users should have access to host applications
∙ All host access should contain an adequate audit trail by user of their activities on the host.
I. Change Control
∙ The bank should establish an adequate change control policy for the complete production environment.
∙ This would include the separation of the following environments:
∙ Development
∙ Test (Quality Assurance)
∙ Production
∙ Testing standards should be developed to ensure that any change is adequately tested and that proper test coverage is completed prior to the movement to the production environment.
J. Incident Reporting
∙ An incident reporting system should be established for all production:
∙ Outages
∙ Problems
∙ The incident reporting system should track both the problem and the resolution of the problem.
K. Physical Security
∙ All computers and components should have an inventory control number
∙ A database of each component's location should be established
∙ Any critical component should be physically secured
L. Contingency Planning
∙ A risk analysis to determine the following risk factors should be completed:
∙ Sensitivity Risk
∙ Sensitive data
∙ Data protected by laws
∙ Criticality Risk
∙ Availability of data and the impact to the Bank
M. Dynamic Alarms
∙ Alarms should be established to determine the following:
∙ Changes to any security configuration for any device
∙ Attacks
∙ Insider
∙ Outsider
∙ Trend analysis should be used by collecting the audit files and looking for suspicious activity
∙ REALSecure is a product that can be configured to check for certain types of attacks.
N. Audit Reporting
∙ Adequate audit reports need to be designed into each device to allow for the complete and proper review of the current configuration evolution process.
∙ Audit reporting should be dynamic on sensitive devices and manual on others.
∙ Tailored reports may be required to meet audit objectives which include but are not limited to:
∙ Access control reports
∙ Who accessed what and when, including Internet access
∙ Integrity reports that demonstrate that any process or change to a process was properly tested to ensure that it only performs the activity required by its function.