Uffauditing-data-center-access-control-system-independent
This paper is from the SANS IT Audit site. Reposting is not permited without express written permission.
Copyright SANS Institute Author Retains Full Rights
Interested in learning more?
Check out the list of upcoming events offering "IT Security Audit and Control Essentials (Audit 410)" at http://it-audit.sans.org/events/
Key fingerprint = AF19FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
© SANS Institute 2003,
©
SA
NS
In
sti
tu
As part of GIAC practical repository.
te
20
Barry Cox GSNA Practical Version 2.1
03
,A
ut
ho
AUDITING YOUR DATA CENTER ACCESS CONTROL SYSTEM: AN INDEPENDENT AUDITORS PERSPECTIVE
rr
eta
ins
fu ll r igh ts.
Author retains full rights.
Abstract Keyfingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 A thorough audit of any system looks at the physical access to the server(s). In most cases the data center is where that system resides. The ability to properly control and monitor access to a corporate data center has become a large task. Gone are the days of key or code locked doors. Today electronic access control systems arerequired. Access control systems that use the very technology they are designed to protect. The ability to properly audit you access control system is the key first step to protecting all of the system that reside within any secure data facility.
© SANS Institute 2003,
©
SA
NS
In
sti
tu
As part of GIAC practical repository.
te
20
03
,A
ut
ho
rr
eta
insfu ll r igh ts.
Author retains full rights.
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
TABLE O F CO NTENTS ASSIGNM ENT ONE COMPANY O VERVIEW THE SYSTEM EVALUATING SYSTEM RISK CURRENT STATE OF P RACTICE ASSIGNM ENT TWO 5 5 6 8 10 13 13 13 14 14 15 15 16 17 17 18 19 20 20 21 21 22 23 24 24 25 27 27 30 31 33 35 36 38 41 43 45
DECISION CRITERIA FOR 10 CHECKLISTITEM TO BE P ERFORMED TEST ITEM #1 TEST ITEM #2 TEST ITEM #3 TEST ITEM #4 TEST ITEM #5 TEST ITEM #6 TEST ITEM #7 TEST ITEM #8 TEST ITEM #9
© SANS Institute 2003,
©
SA
ASSIGNM ENT T HREE
NS
CHECKLIST ITE M ONE - S ERVICE P ACKS AND HO T FIX ES FOR SERVER CHECKLIST ITE M TWO - SERVER ACCOUNT P ASSW ORD POLICIES CHECKLIST ITE M THREE - BACKUP PROCEDURES FOR WORKSTATIONS AND SERVERCHECKLIST ITE M FOUR - GENER AL S ERVER V ULNERABILITY CHECK CHECKLIST ITE M FIVE - RE MOTE CONSOLE M AN AGE MEN T OF THE SERVER CHECKLIST ITE M SIX - GMS32 APPLIC ATION ACCOUNT P ASSWORD POLICIES CHECKLIST ITE M SEV EN - APPLIC ATION PRIVILEGE ASSIGN MEN T CHECKLIST ITE M EIGHT - BACKUP AND RESTORE PROCEDURES FOR THE APPLIC ATION CHECKLIST ITE M NINE - SERVER CONFIGURED AND HARDENED DURING INSTALLATION CHECKLIST ITE M TEN - PH YSIC AL SECURITY OF THE S YSTEM C ONSOLES CHECKLIST ITE M ELEVEN - BUSINESS CON TINUITY OR CONTINGENC Y PL ANNING CHECKLIST ITE M TWELVE - S YS TE M M ODIFICATION \CH ANGE M AN AGE MEN T CHECKLIST ITE M THIRTEEN - APPLIC ATION AL AR M RES PONSE CHECKLIST ITE M FOURTEEN - TR AFFIC ENCR YP TION \INTERCEPTION CHECKLIST ITE M FIFTEEN - ANTI -V IRUS PRAC TICES FOR THESERVER CHECKLIST ITE M SIXTEEN - APPROVING REQU ESTS FOR DATA CEN TER ACCESS CHECKLIST ITE M SEV ENTE EN - PROCESS FOR RE MOV AL /CH AN GE OF ACCESS CHECKLIST ITE M EIGHTEEN - SECURITY AW ARENE SS PRO GR AM CHECKLIST ITE M NINETEEN - S ERVER DI ALUP SUPPOR T M ODEM CON TROL CHECKLIST ITE M TWENTY - RES TRICTED VPN ACCOUNT FOR V ENDOR
In
sti
tu
As part of GIAC practical repository.
te20
03
,A
ut
ho
rr
eta
ins
fu ll r igh ts.
Author retains full rights.
TEST ITEM #10 Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 ASSIGNM ENT FOUR EXECUTIVE SUMMARY OBSERV ATI ON #1 CHECKLIST ITE M #1 – P ATCHES AND FIX ES OBSERV ATI ON #2 CHECKLIST ITE M #2 – S ERVER ACCOUNT P ASSWORD POLICIES OBSERV ATI ON #3 CHECKLIST ITE M #4 – GENER AL...
Regístrate para leer el documento completo.