Vai al contenuto principale della pagina
Autore: | Souppaya Murugiah |
Titolo: | Security configuration checklists program for IT products : guidance for checklists users and developers (NIST special publication 800-70) / / Murugiah Souppaya, John P. Wack, Karen Kent |
Pubblicazione: | Gaithersburg, Md. : , : U.S. Dept. of Commerce, , 2005 |
Descrizione fisica: | 1 online resource (1 volume (various pagings)) : illustrations (some color) |
Disciplina: | 005.8 |
Soggetto topico: | Computer networks - Security measures |
Computer networks - Security measures - United States | |
Computer security - Standards | |
Persona (resp. second.): | KentKaren (Karen Ann) |
WackJohn P. | |
Note generali: | Title from PDF title screen (NIST, viewed Mar. 24, 2011). |
"May 2005." | |
"Sponsored by the Department of Homeland Security"--cover. | |
Nota di bibliografia: | Includes bibliographical references. |
Sommario/riassunto: | Abstract: The National Institute of Standards and Technology (NIST) has produced Security Configuration Checklists Program for IT Products: Guidance for Checklist Users and Developers to facilitate the development and dissemination of security configuration checklists so that organizations and individual users can better secure their IT products. A security configuration checklist (sometimes called a lockdown or hardening guide or benchmark) is in its simplest form a series of instructions for configuring a product to a particular security level (or baseline). It could also include templates or automated scripts and other procedures. Typically, checklists are created by IT vendors for their own products; however, checklists are also created by other organizations such as consortia, academia, and government agencies. The use of well-written, standardized checklists can markedly reduce the vulnerability exposure of IT products. Checklists may be particularly helpful to small organizations and individuals that have limited resources for securing their systems. This publication is intended for users and developers of IT product security configuration checklists. For checklist users, this document gives an overview of the NIST Checklist Program, explains how to retrieve checklists from NIST's repository, and provides general information about threat discussions and baseline technical security practices for associated operational environments. For checklist developers, the document sets forth the policies, procedures, and general requirements for participation in the NIST Checklist Program. |
Titolo abbreviato (Periodici): | SECURITY CONFIGURATION CHECKLISTS PROGRAM FOR IT PRODUCTS |
Titolo autorizzato: | Security configuration checklists program for IT products |
Formato: | Materiale a stampa |
Livello bibliografico | Monografia |
Lingua di pubblicazione: | Inglese |
Record Nr.: | 9910703173103321 |
Lo trovi qui: | Univ. Federico II |
Opac: | Controlla la disponibilità qui |