Information Security Transformation-Nahil Mahmood-Lecture 109

Uploaded by

فیضان راجپوت

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

28 views8 pages

Information Security Transformation-Nahil Mahmood-Lecture 109

Uploaded by

فیضان راجپوت

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 8

SECURITY HARDENING - SECURE SOFTWARE IMAGES

• CIS 20 CRITICAL
SECURITY CONTROLS
• CONTROL 5, VERSION 7
• Secure Configuration
for Hardware and
Software on Mobile
Devices, Laptops,
Workstations and
Servers

1
SECURITY HARDENING - SECURE SOFTWARE IMAGES

5.1 Establish Secure

Configurations
• Maintain documented,
standard security
configuration standards
for all authorized
operating systems and
software.

2
SECURITY HARDENING - SECURE SOFTWARE IMAGES

5.2 Maintain Secure

Images
• Maintain secure images
or templates for all
systems in the
enterprise based on the
organization's approved
configuration standards.
Any new system
deployment or existing
system that becomes
compromised should be
3
SECURITY HARDENING - SECURE SOFTWARE IMAGES

5.2 Maintain Secure

Images
• …imaged using one of
those images or
templates.

4
SECURITY HARDENING - SECURE SOFTWARE IMAGES

5.3 Securely Store Master

Images
• Store the master images
and templates on
securely configured
servers, validated with
integrity monitoring
tools, to ensure that
only authorized changes
to the images are
possible.

5
SECURITY HARDENING - SECURE SOFTWARE IMAGES

5.4 Deploy System

Configuration
Management Tools
• Deploy system
configuration
management tools that
will automatically
enforce and redeploy
configuration settings to
systems at regularly
scheduled intervals.

6
SECURITY HARDENING - SECURE SOFTWARE IMAGES

5.5 Implement Automated

Configuration Monitoring
Systems
• Utilize a Security
Content Automation
Protocol (SCAP)
compliant configuration
monitoring system to
verify all security
configuration elements,
catalog approved
exceptions, and alert..
7
SECURITY HARDENING - SECURE SOFTWARE IMAGES

5.5 Implement Automated

Configuration Monitoring
Systems
• …when unauthorized
changes occur.

END

AuditScripts Critical Security Control Master Mappings v7.0d
No ratings yet
AuditScripts Critical Security Control Master Mappings v7.0d
3,288 pages
AuditScripts CIS Controls Master Mappings v7.1c
No ratings yet
AuditScripts CIS Controls Master Mappings v7.1c
3,475 pages
AuditScripts CIS Controls Master Mappings v7.1b
No ratings yet
AuditScripts CIS Controls Master Mappings v7.1b
3,429 pages
AuditScripts CIS Controls Master Mappings V7.1a
No ratings yet
AuditScripts CIS Controls Master Mappings V7.1a
3,370 pages
AuditScripts CIS Controls Master Mappings v7.1c
No ratings yet
AuditScripts CIS Controls Master Mappings v7.1c
3,475 pages
Es Lint Prettier Guide JSM
No ratings yet
Es Lint Prettier Guide JSM
22 pages
CIS Controls and Sub Controls Mapping To NIST CSF
0% (1)
CIS Controls and Sub Controls Mapping To NIST CSF
64 pages
CIS Controls Version 8.1!6!24 2024
No ratings yet
CIS Controls Version 8.1!6!24 2024
46 pages
Applying Domain-Driven Design and Patterns - With Examples in C#
100% (3)
Applying Domain-Driven Design and Patterns - With Examples in C#
613 pages
CIS Controls v8.1 Mapping To NIST SP 800 53 Rev 5 Moderate and Low Ba
No ratings yet
CIS Controls v8.1 Mapping To NIST SP 800 53 Rev 5 Moderate and Low Ba
268 pages
STANDARD Secure-Configuration-and-Hardening Template en
No ratings yet
STANDARD Secure-Configuration-and-Hardening Template en
12 pages
Cobol by Java Tpoint
No ratings yet
Cobol by Java Tpoint
18 pages
Data Flow Diagram of Hotel Management System
25% (4)
Data Flow Diagram of Hotel Management System
16 pages
CIS Controls v8 and Mapping To ISO27002
No ratings yet
CIS Controls v8 and Mapping To ISO27002
132 pages
Iso 27001 Sample
No ratings yet
Iso 27001 Sample
54 pages
CIS Controls Version 8.1 Change Log 2024-06-24 Final Revised 1
No ratings yet
CIS Controls Version 8.1 Change Log 2024-06-24 Final Revised 1
169 pages
CIS Controls v8 Critical Security Controls 2023 08
No ratings yet
CIS Controls v8 Critical Security Controls 2023 08
82 pages
Togan Coures PDF
100% (1)
Togan Coures PDF
497 pages
Microsoft Azure Security Technologies Practice Tests AZ-500
From Everand
Microsoft Azure Security Technologies Practice Tests AZ-500
iCertify Training
No ratings yet
CIS Controls Version 8.1.2 Change Log March 2025
No ratings yet
CIS Controls Version 8.1.2 Change Log March 2025
164 pages
Security Plus SY0-701 Domain 4 Handout
No ratings yet
Security Plus SY0-701 Domain 4 Handout
275 pages
Secure Configuration ManagementPolicy Template For CIS Control 4
100% (1)
Secure Configuration ManagementPolicy Template For CIS Control 4
19 pages
$RPLDE7P
No ratings yet
$RPLDE7P
69 pages
Public Cloud CIS Controls Version 8
No ratings yet
Public Cloud CIS Controls Version 8
180 pages
CIS Controls v8 Change Log
No ratings yet
CIS Controls v8 Change Log
222 pages
CIS Controls v7.1 Mapping To ISO 27001 v19.07
100% (1)
CIS Controls v7.1 Mapping To ISO 27001 v19.07
46 pages
CIS Controls Checklist
No ratings yet
CIS Controls Checklist
6 pages
ArcoIT Webinar Presentation 2021.07.07 CIS Controls v8 ValentinEhkirch
No ratings yet
ArcoIT Webinar Presentation 2021.07.07 CIS Controls v8 ValentinEhkirch
41 pages
Example Information Security Plan ISP
No ratings yet
Example Information Security Plan ISP
30 pages
CIS Controls v8 Mapping To CSF 2.0 February 2024
No ratings yet
CIS Controls v8 Mapping To CSF 2.0 February 2024
100 pages
CIS Controls Version 7.1 Implementation Groups 1.2
No ratings yet
CIS Controls Version 7.1 Implementation Groups 1.2
64 pages
CIS Controls v8 Change Log Final
100% (1)
CIS Controls v8 Change Log Final
222 pages
CIS Controls v8 Mapping To ISACA COBIT 19 V21.10.spreadsheets
100% (1)
CIS Controls v8 Mapping To ISACA COBIT 19 V21.10.spreadsheets
88 pages
Microsoft Azure DP-300 Exam Dumps
No ratings yet
Microsoft Azure DP-300 Exam Dumps
11 pages
Least Privilege Security for Windows 7, Vista and XP
From Everand
Least Privilege Security for Windows 7, Vista and XP
Russell Smith
No ratings yet
CIS Controls v8.1 Mapping To ISO - IEC 27001.2022 6 2024 07 15
No ratings yet
CIS Controls v8.1 Mapping To ISO - IEC 27001.2022 6 2024 07 15
105 pages
Support and Maintenance Checklist
No ratings yet
Support and Maintenance Checklist
10 pages
CIS Controls v7.1 Mapping PCI DSS V1.0.a
No ratings yet
CIS Controls v7.1 Mapping PCI DSS V1.0.a
126 pages
CIS Controls Version 8 ES
No ratings yet
CIS Controls Version 8 ES
49 pages
Abap Accenture Test1
100% (1)
Abap Accenture Test1
5 pages
CIS Controls v8 Mapping To CSA Cloud Controls Matrix v4 2 2023
No ratings yet
CIS Controls v8 Mapping To CSA Cloud Controls Matrix v4 2 2023
119 pages
CIS RAM v2.1 For IG1 Workbook.22.05
No ratings yet
CIS RAM v2.1 For IG1 Workbook.22.05
174 pages
Wazuh PCI DSS Guide PDF
100% (1)
Wazuh PCI DSS Guide PDF
49 pages
CIS Controls v8 v21.10
100% (1)
CIS Controls v8 v21.10
87 pages
CIS Controls v7.1 Mapping To NIST CSF
No ratings yet
CIS Controls v7.1 Mapping To NIST CSF
60 pages
CIS FortiGate Firewall V2
No ratings yet
CIS FortiGate Firewall V2
118 pages
CIS Controls and Sub-Controls Mapping To ISO
No ratings yet
CIS Controls and Sub-Controls Mapping To ISO
47 pages
EGES Level 1 Baseline Wksts
No ratings yet
EGES Level 1 Baseline Wksts
52 pages
CIS RAM For IG1 Workbook v21.10.25
No ratings yet
CIS RAM For IG1 Workbook v21.10.25
144 pages
TDs Cyber Security
No ratings yet
TDs Cyber Security
50 pages
Iso 27001 Sample
No ratings yet
Iso 27001 Sample
54 pages
CIS Controls Microsoft Windows 10 Cyber Hygiene Guide PDF
No ratings yet
CIS Controls Microsoft Windows 10 Cyber Hygiene Guide PDF
170 pages
CIS Controls v8 Implementation Groups Handout.22.02
No ratings yet
CIS Controls v8 Implementation Groups Handout.22.02
4 pages
CIS Controls Only
No ratings yet
CIS Controls Only
24 pages
CIS Controls Mobile Companion Guide Mapping Applicability-1
No ratings yet
CIS Controls Mobile Companion Guide Mapping Applicability-1
83 pages
CIS Controls v8 Guide
No ratings yet
CIS Controls v8 Guide
87 pages
Configurations (22%) :: Build and Deployment (8%)
0% (1)
Configurations (22%) :: Build and Deployment (8%)
6 pages
Device Hardening Sample
No ratings yet
Device Hardening Sample
5 pages
CIS Controls Measures and Metrics V7
No ratings yet
CIS Controls Measures and Metrics V7
55 pages
CIS Controls Version 7.1 Implementation Groups 1.2
No ratings yet
CIS Controls Version 7.1 Implementation Groups 1.2
64 pages
Pop!_OS System Administration Guide: Definitive Reference for Developers and Engineers
From Everand
Pop!_OS System Administration Guide: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
ISO 27002 Questionnaire-Controls 1-10
0% (1)
ISO 27002 Questionnaire-Controls 1-10
12 pages
Create A Simple Java Web Application Using Servlet
No ratings yet
Create A Simple Java Web Application Using Servlet
80 pages
The CIS Top 20 Controls Explained
No ratings yet
The CIS Top 20 Controls Explained
4 pages
Structured Analysis
No ratings yet
Structured Analysis
69 pages
Blood Bank Management System
0% (2)
Blood Bank Management System
7 pages
ERP Implementation4
No ratings yet
ERP Implementation4
43 pages
sfw3 Sop
No ratings yet
sfw3 Sop
2 pages
CIS Controls V7.0.1-EBOOK - Parte6
No ratings yet
CIS Controls V7.0.1-EBOOK - Parte6
2 pages
fw3 Sop
No ratings yet
fw3 Sop
2 pages
Srinivas University MCA IIIrd Semester Syllabus
0% (1)
Srinivas University MCA IIIrd Semester Syllabus
11 pages
Information Security Transformation-Nahil Mahmood-Lecture 78
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 78
13 pages
Information Security Transformation-Nahil Mahmood-Lecture 80
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 80
11 pages
Information Security Transformation-Nahil Mahmood-Lecture 88
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 88
11 pages
DMA Micro Project Report 2022
No ratings yet
DMA Micro Project Report 2022
49 pages
Information Security Transformation-Nahil Mahmood-Lecture 106
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 106
9 pages
Data Loss Prevention & Mobile Device Management: Enterprise-Grade Security Solution For Any Industry
No ratings yet
Data Loss Prevention & Mobile Device Management: Enterprise-Grade Security Solution For Any Industry
8 pages
Programming Assignment 1: Basic Data Structures
No ratings yet
Programming Assignment 1: Basic Data Structures
18 pages
Information Security Transformation-Nahil Mahmood-Lecture 84
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 84
9 pages
Information Security Transformation-Nahil Mahmood-Lecture 120
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 120
8 pages
Information Security Transformation-Nahil Mahmood-Lecture 119
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 119
8 pages
Secure Configurations of Hardware and Software
No ratings yet
Secure Configurations of Hardware and Software
3 pages
Information Security Transformation-Nahil Mahmood-Lecture 58
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 58
7 pages
100 (And Counting) Laravel Quick Tips: Prepared By: Last Updated
No ratings yet
100 (And Counting) Laravel Quick Tips: Prepared By: Last Updated
41 pages
Information Security Transformation-Nahil Mahmood-Lecture 108
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 108
6 pages
Nutanix Certified Professional (NCP) : Program Overview
No ratings yet
Nutanix Certified Professional (NCP) : Program Overview
3 pages
Information Security Transformation-Nahil Mahmood-Lecture 116
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 116
5 pages
Information Security Transformation-Nahil Mahmood-Lecture 61
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 61
5 pages
Tools - Vendor Onboarding (SOP)
No ratings yet
Tools - Vendor Onboarding (SOP)
4 pages
Niraj Kumar Lead Azure Architect, MCT (Microsoft Certified Trainer)
No ratings yet
Niraj Kumar Lead Azure Architect, MCT (Microsoft Certified Trainer)
8 pages
DBT Analytics Engineering Exam Questions
No ratings yet
DBT Analytics Engineering Exam Questions
12 pages
Performancetuningwithoracleashawrpart1howandwhat 13122101074546 Phpapp02 110801095114 Phpapp02
No ratings yet
Performancetuningwithoracleashawrpart1howandwhat 13122101074546 Phpapp02 110801095114 Phpapp02
18 pages
STC Cybersecurity Analysis: 1 Phase One - Company Introduction: Saudi Telecom Company (STC)
No ratings yet
STC Cybersecurity Analysis: 1 Phase One - Company Introduction: Saudi Telecom Company (STC)
7 pages
Student Info System
No ratings yet
Student Info System
9 pages
Web Technology and Application
No ratings yet
Web Technology and Application
6 pages
CASE Tools
No ratings yet
CASE Tools
2 pages
AlienVault Open Threat Exchange
No ratings yet
AlienVault Open Threat Exchange
2 pages
Date Picker: Showdialog
No ratings yet
Date Picker: Showdialog
9 pages
Drug Activity Prediction - Updated
No ratings yet
Drug Activity Prediction - Updated
5 pages
Assignment No. 01 Semester: Fall 2019 CS205: Information Security Total Marks: 15 Due Date
No ratings yet
Assignment No. 01 Semester: Fall 2019 CS205: Information Security Total Marks: 15 Due Date
4 pages
Timeline - FRA Portal Implementation - 22nd May 24
No ratings yet
Timeline - FRA Portal Implementation - 22nd May 24
1 page
Module 5 - Infographic
No ratings yet
Module 5 - Infographic
1 page

Information Security Transformation-Nahil Mahmood-Lecture 109

Uploaded by

Information Security Transformation-Nahil Mahmood-Lecture 109

Uploaded by

SECURITY HARDENING - SECURE SOFTWARE IMAGES

5.1 Establish Secure

5.2 Maintain Secure

5.2 Maintain Secure

5.3 Securely Store Master

5.4 Deploy System

5.5 Implement Automated

5.5 Implement Automated

You might also like