CIS Critical Security Controls v7.1 (SANS Top 20)
Framework
CSC 6.5
List of requirements
CSC 6.5 Central Log Management
Ensure that appropriate logs are being aggregated to a central log management system for analysis and review.
Required for Implementation Groups 2 and 3
Similar requirements
CIS Critical Security Controls v8 (The 18 CIS CSC):
8.2
8.2 Collect Audit Logs
Collect audit logs. Ensure that logging, per the enterprise’s audit log management process, has been enabled across enterprise assets.
8.9
8.9 Centralize Audit Logs
Centralize, to the extent possible, audit log collection and retention across enterprise assets.
NIST Cybersecurity Framework (RU):
PR.PT-1
PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy
DE.AE-3
DE.AE-3: Event data are aggregated and correlated from multiple sources and sensors
Russian Unified Cyber Security Framework (based on The 18 CIS CSC):
8.9
8.9 Centralized management of event logs is implemented
Centralize audit logging
8.2
8.2 Event log collection is implemented
Logging is enabled for all corporate devices and software.
Guideline for a healthy information system v.2.0 (EN):
16 STANDARD
The information system’s security relies on the security of the weakest link. It is therefore necessary to standardise the management of security policies applying across the entire IT stock of the organization.
Applying these policies (managing passwords, restricting logins on certain sensitive devices, configuring web browsers, etc.) must be simple and quick for administrators, with a view to facilitating the implementation of countermeasures in the event of an IT crisis.
To do this, the organization may deploy a centralised management tool (for example Active Directory in the Microsoft environment) into which it is possible to include as many IT devices as possible. Workstations and servers are concerned by this measure, which may require upstream harmonization work in terms of hardware and operating systems selection.
Therefore, hardening policies for the operating system or applications may easily be applied from a central point while favouring the expected responsiveness in the event reconfiguration is required.
Related protective measures
Nothing found