[LINK] US Gov computer security checklists

Marghanita da Cruz marghanita at ramin.com.au
Fri May 9 08:32:21 AEST 2008 

This website was brought to my attention a few days ago...linkers review of it
would be most welcome
> Governing for Enterprise Security
> Background
<http://www.cert.org/governance>

Marghanita
stephen at melbpc.org.au wrote:
> The US Government 'National Vulnerability Database' http://nvd.nist.gov
> 
> The US Government tasks the National Institute of Standards and Technology 
> (NIST) to "develop, and revise as necessary, checklists setting forth 
> settings and option selections that minimize the security risks associated 
> with each computer hardware or software system that is, or is likely to 
> become widely used within the US Federal Government.
> 
> The National Checklist Program (NCP) is the U.S. government repository of 
> publicly available security checklists (or benchmarks) that provide 
> detailed guidance on setting the security configuration of operating 
> systems and applications."
> 
> For example, here's what they say about their WinXP security checklist:
> 
> (Note: they also have security checklists for the flavours of *nix)
> 
> --
> NIST Special Publication 800-68 has been created to assist IT 
> professionals, in particular Windows XP system administrators and 
> information security personnel, in effectively securing Windows XP 
> Professional systems. 
> 
> It discusses Windows XP and various application security settings in 
> technical detail. The guide provides insight into the threats and security 
> controls that are relevant for various operational environments, such as 
> for a large enterprise or home office. It describes the need to implement 
> and test security controls, as well as to monitor and maintain systems on 
> an ongoing basis. It presents an overview of the security components 
> offered by Windows XP and provides guidance on installing, backing up, and 
> patching Windows XP systems. It discusses security policy configuration, 
> provides an overview of the settings in the accompanying security 
> templates, and discusses how to apply additional security settings that 
> are not included in the NIST security templates. It demonstrates securing 
> popular office productivity applications, Web browsers, e-mail clients, 
> personal firewalls, antivirus software, and spyware detection and removal 
> utilities on Windows XP systems to provide protection against viruses, 
> worms, Trojan horses, and other types of malicious code..
> --
> 
> Message sent using MelbPC WebMail Server
> 
> 
> 
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
> 


-- 
Marghanita da Cruz
http://www.ramin.com.au
Phone: (+61)0414 869202

More information about the Link mailing list