Search results
Results from the WOW.Com Content Network
FDCC applied only to Windows XP and Vista desktop and laptop computers and was replaced by the United States Government Configuration Baseline (USGCB), which included settings for Windows 7 and Red Hat Enterprise Linux 5. For Windows 7, the NIST changed the naming convention to the US Government Computer Baseline (USGCB ver 2.0).
In the process of performing configuration management, configuration items (or work products) may be assigned a baseline so as to establish them as having a certain status. In this sense, to baseline a work product may require certain change(s) to the work product to ensure it conforms to the characteristics associated with the baseline referenced.
The Extensible Configuration Checklist Description Format (XCCDF) is an XML format specifying security checklists, benchmarks and configuration documentation. XCCDF development is being pursued by NIST , the NSA , The MITRE Corporation , and the US Department of Homeland Security .
NIST Special Publication 800-53 is an information security standard that provides a catalog of privacy and security controls for information systems.Originally intended for U.S. federal agencies except those related to national security, since the 5th revision it is a standard for general usage.
Select a baseline set of security controls for the information system based on its security categorization. Tailor and supplement the baseline controls as needed, based on an organizational risk assessment and specific local conditions. If applicable, overlays are added in this step. [2] [9] Implement the security controls identified in the ...
Examples where STIGs would be of benefit is in the configuration of a desktop computer or an enterprise server. Most operating systems are not inherently secure, [1] which leaves them open to criminals such as identity thieves and computer hackers. A STIG describes how to minimize network-based attacks and prevent system access when the ...
Published in September 2006, the NIST SP 800-92 Guide to Computer Security Log Management serves as a key document within the NIST Risk Management Framework to guide what should be auditable. As indicated by the absence of the term "SIEM", the document was released before the widespread adoption of SIEM technologies.
This companion standard is needed to provide a resource that standardizes Configuration Management (CM) requirements specific to National Aeronautics and Space Administration (NASA) agreements and design activities. This Standard provides a template of CM requirements and user guidance for tailoring the requirements for each unique use case.