Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • AuditScripts Critical Security Control Executive Assessment Tool V6.1a

    Încărcat de

    Bruno Raimundo
    139 vizualizări4 pagini
    Auditoria

    Titlu original

    AuditScripts Critical Security Control Executive Assessment Tool v6.1a

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    XLSX, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    Auditoria

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca XLSX, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    139 vizualizări4 pagini

    AuditScripts Critical Security Control Executive Assessment Tool V6.1a

    Încărcat de

    Bruno Raimundo
    Auditoria

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca XLSX, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 4

    Critical Security Controls Executive

    Accepted vs Addressed Risk


    Risk Addressed:

    Risk Accepted:

    Critical Security Control #1: Inventory of Authorized and Unauthorized Devices


    Has your organization implemented scanning tools (active & passive) to identify all the devices attached to the network?

    Has your organization implemented a Network Access Control (NAC) solution, which requires certificates, to authenticate devic

    Critical Security Control #2: Inventory of Authorized and Unauthorized Software


    Has your organization implemented scanning tools to identify all software applications installed in the organization?

    Has your organization implemented a software whitelisting tool that only allows authorized software program to execute on th

    Critical Control #3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
    Has your organization implemented scanning tools to identify any mis-configured security settings on systems in the organizatio

    Has your organization implemented a security setting configuration enforcement system on the organization's systems?

    Critical Security Control #4: Continuous Vulnerability Assessment and Remediation


    Has your organization implemented scanning tools to identify any software vulnerabilities on systems in the organization?

    Has your organization implemented an automated patch management system to continuously update the organization's system

    This work is licensed under a Creative Commons Attributio


    Controls Executive Assessment Tool (v6.1a)

    0%

    100%

    attached to the network? Select one of the Following:

    ertificates, to authenticate devices before they can connect to the network? Select one of the Following:

    d in the organization? Select one of the Following:

    ftware program to execute on the organization's systems? Select one of the Following:

    tops, Workstations, and Servers


    ngs on systems in the organization? Select one of the Following:

    e organization's systems? Select one of the Following:

    ystems in the organization? Select one of the Following:

    update the organization's systems? Select one of the Following:

    er a Creative Commons Attribution-ShareAlike 4.0 International License.


    ne of the Following: 0 0

    ne of the Following: 0 0

    ne of the Following: 0 0

    ne of the Following: 0 0

    ne of the Following: 0 0

    ne of the Following: 0 0

    ne of the Following: 0 0

    ne of the Following: 0 0

    0 1
    DO NOT CHANGE THESE VALUES

    Implementation Status
    Select one of the Following:
    Not Implemented
    Implemented on Some Systems
    Implemented on All Systems
    Implemented & Automated on All Systems

    S-ar putea să vă placă și