56 Managing Network Vulnerability Assessment
Exhibit 3. Areas of Concern and Supporting Departments

| ISO 17799 Section | Description | Group Responsible |
|---|---|---|
| 6.3.1 Reporting of Security Incidents | Implement procedures and standards for formal reporting and incident response action to be taken on receipt of an incident report. | Emergency Response Team (ERT) |
| 6.3.2 Reporting of Security Weaknesses | Implement standards and procedures to ensure that users are aware of the requirement to note and report all observed or suspected security weaknesses in or threats to systems or services. | ERT |
| 6.3.3 Reporting of Software Malfunctions | Implement standards and user training to ensure that users note and report to the proper location any software that does not function correctly. | ERT |
| 8.1.3 Incident Management Procedures | Implement standards and procedures to identify incident management responsibilities and to ensure a quick, effective, orderly response to security incidents. | ERT |
| 8.2.1 Capacity Planning | Implement standards to ensure that capacity requirements are monitored, and future requirements projected, to reduce the risk of system overload. | Systems & Operations |
| 8.3.1 Controls against Malicious Software | Implement standards and user training to ensure that virus detection and prevention measures are adequate. | Operations |
| 8.4.3 Fault Logging | Implement procedures for logging faults reported by users regarding problems with computer or communications systems. | Operations |
| 8.5.1 Network Controls | Implement appropriate standards to ensure the security of data in networks and the protection of connected services from unauthorized access. | Network |
| 9.7.1 Event Logging | Implement standards to have audit trails record exceptions and other security-relevant events, and to ensure that they are maintained to assist in future investigations and in access control monitoring. | Operations |
| 9.7.2 Monitoring System Use | Implement procedures for monitoring system use to ensure that users are only performing processes that have been explicitly authorized. | Operations |
| 9.7.3 Clock Synchronization | Implement standards to ensure computer or communications device clocks are correct and in synchronization. | Operations |
| 9.5.1 Automatic Terminal Identification | Implement standards for automatic terminal identification to authenticate connections to specific locations. | Operations |
| 9.5.5 Use of System Utilities | Implement standards to restrict access to system utility programs that could be used to override system and application controls. | Operations |
| 9.5.8 Limitation of Connection Time | Implement standards to identify the period during which terminals can be connected to sensitive application systems. | Access Control |
| 9.6.2 Isolation of Sensitive Systems | Implement standards to isolate the processing environment of sensitive application systems. | Operations |
| 10.2.3 Message Authentication | Implement standards to ensure that message authentication is considered for applications that involve the transmission of sensitive data. | Applications |
| 10.3.1 Policy on the Use of Cryptographic Controls | Implement policies and standards on the use of cryptographic controls, including management of encryption keys, and effective implementation. | Asset Classification |
| 10.4.1 Control of Operational Software | Implement standards to ensure that strict control is exercised over the implementation of software on operational systems. | Systems |
| 10.5.1 Change Control Procedures | Implement standards and procedures for formal change control procedures. | Systems |
| 10.5.2 Technical Review of Operating System Changes | Implement procedures to review application systems when changes to the operating systems occur. | Systems |
| 10.5.3 Restrictions on Changes to Software Packages | Implement standards to restrict modifications to vendor-supplied software. | Systems & Applications |
| 10.5.4 Covert Channels and Trojan Code | Implement standards and procedures to avoid covert channels or Trojan code. These standards and procedures should address, at a minimum, that the organization: buy programs only from a reputable source; buy programs in source code that is verifiable; use only evaluated products; inspect all source code before operational use; control access to, and modification of, installed code; and use trusted staff to work on key systems. | Systems |
| 11.1.1 Business Continuity Management Process | Implement procedures for the development and maintenance of business continuity plans (BCPs) across the organization. | BCP |
| 11.1.5 Testing, Maintaining, and Reassessing Business Continuity Plans | Implement standards to ensure regular testing of the BCPs. | BCP |