Куда я попал?
SECURITM это SGRC система, ? автоматизирующая процессы в службах информационной безопасности. SECURITM помогает построить и управлять ИСПДн, КИИ, ГИС, СМИБ/СУИБ, банковскими системами защиты.
А еще SECURITM это место для обмена опытом и наработками для служб безопасности.

CIS Critical Security Controls v8 (The 18 CIS CSC)

Framework

4.5

Для проведения оценки соответствия по документу войдите в систему.

Похожие требования

Guideline for a healthy information system v.2.0 (EN):
17 STANDARD
/STANDARD
After having succeeded in taking control of a workstation (due, for example, to a vulnerability of the web browser), a hacker will often seek to spread his intrusion to other workstations and, ultimately, access users’ documents. 

In order to make this sideways movement from the hacker more difficult, it is necessary to activate the local firewall of workstations thanks to built-in (local Windows firewall) or specialised software. 

Flows from device to device are very rare in a traditional office network: files are stored on file servers, applications are accessible on business servers, etc. 
14 STANDARD
/STANDARD
Depending on his level of IT security practices, the user, a great deal of the time, is the first port of call for hackers trying to enter the system. It is therefore fundamental to implement a minimum level of security across the entire IT stock of the organization (user devices, servers, printers, phones, USB peripherals, etc.) by implementing the following measures:
  • limit the applications installed and optional modules in web browsers to just what is required;
  • equip users’ devices with an anti-virus and activate a local firewall (these are often included in the operating system);
  • encrypt the partitions where user data is stored;
  • deactivate automatic executions (autorun). 
In the event of a necessary exception from the general security rules applicable to devices, these devices must be isolated from the system (if it is impossible to update certain applications for interoperability reasons for example). 
ГОСТ Р № ИСО/МЭК 27001-2021 от 01.01.2022 "Информационная технология. Методы и средства обеспечения безопасности. Системы менеджмента информационной безопасности. Требования - Приложение А":
A.13.1.1
A.13.1.1 Меры обеспечения информационной безопасности для сетей 
Мера обеспечения информационной безопасности: Сети должны управляться и контролироваться для обеспечения защиты информации систем и приложений 
CIS Critical Security Controls v7.1 (SANS Top 20):
CSC 9.4 CSC 9.4 Apply Host-Based Firewalls or Port-Filtering
Apply host-based firewalls or port-filtering tools on end systems, with a default-deny rule that drops all traffic except those services and ports that are explicitly allowed.
Strategies to Mitigate Cyber Security Incidents (EN):
2.8.
Software-based application firewall, blocking incoming network traffic that is malicious/unauthorised, and denying network traffic by default (e.g. unneeded/unauthorised RDP and SMB/NetBIOS traffic).
Relative Security Effectiveness:  Very Good | Potential User Resistance:   Low | Upfront Cost:  Medium | Ongoing Maintenance Cost:  Medium
1.8.
Deny corporate computers direct internet connectivity. Use a gateway firewall to require use of a split DNS server, an email server and an authenticated web proxy server for outbound web connections.
Relative Security Effectiveness:  Excellent | Potential User Resistance:  Medium | Upfront Cost:  Medium | Ongoing Maintenance Cost:  Low
2.9.
Software-based application firewall, blocking outgoing network traffic that is not generated by approved/trusted programs, and denying network traffic by default.
Relative Security Effectiveness:  Very Good | Potential User Resistance:   Medium | Upfront Cost:  Medium | Ongoing Maintenance Cost:  Medium
Стандарт № ИСО/МЭК 27001:2022(E) от 25.10.2022 "Информационная безопасность, кибербезопасность и защита частной жизни — Системы управления информационной безопасностью — Требования. Приложение А":
А.8.20
А.8.20 Сетевая безопасность
В целях защиты информации в системах и приложениях должны быть защищены, управляться и контролироваться сети и сетевые устройства.
Стандарт № ISO/IEC 27001:2022(E) от 25.10.2022 "Information security, cybersecurity and privacy protection — Information security management systems — Requirements. Annex A":
А.8.20
А.8.20 Networks security
Networks and network devices shall be secured, managed and controlled to protect information in systems and applications.

Связанные защитные меры

Ничего не найдено