
security ops checklists


cb122

Newbie

Posts: 20

Joined: Tue Jan 15, 2013 8:54 am

Post Mon Jan 28, 2013 7:45 am

security ops checklists

I know this site is packed full of experts in the art of pen testing and ethical hacking, but due to your security expertise I was wondering if you can help point me in the direction of some sort of security operations checklist. I.e. the day to day maintenance and monitoring tasks required to maintain acceptable levels of security on your internal host systems. Microsoft has started publishing operations frameworks for many of their server products, i.e. if we take the Active Directory domain services document, it lists numerous routine security “tasks”, such as:

• Review the Remote Access Service account access policy, and update it to meet security policies.
• Review User account properties, and update the Remote Desktop group to meet security policies.
• Remove locked-out, disabled, or expired accounts.
• Ensure that the most restrictive permissions are applied (shares)
• Remove shared folders that are no longer required.
• Verify and ensure that NTFS file system permissions are set appropriately on all shared folders and content in shared folders.


So there is some information I can obtain from here. But if you have ever had any role in security ops as opposed to pen testing, I wondered if you have any input you can share. I am looking at this from a risk assessment perspective, to see if they are doing such tasks, but I was struggling to find anything comprehensive. So any guidance or links to such documentation most welcome. But any sort of essential security operations lists be it daily, weekly, monthly etc would be a great help.

Many Thanks

dynamik

Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Jan 28, 2013 8:47 am

Re: security ops checklists

The day you stop learning is the day you start becoming obsolete.

cb122

Newbie

Posts: 20

Joined: Tue Jan 15, 2013 8:54 am

Post Mon Jan 28, 2013 11:25 am

Re: security ops checklists



Thanks for the link. If you have senior management serious about security where you work, or for your clients, do they ever ask for any specific security metrics to gauge how well they are doing? If yes, which specific metrics do you use/produce?

lorddicranius

Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Mon Jan 28, 2013 12:13 pm

Re: security ops checklists

SANS 20 critical security controls is another good document to reference: http://www.sans.org/critical-security-controls/

Each control shown there explains the what and why, implementation methods, automation, metrics, etc.
GSEC, eCPPT, Sec+

dynamik

Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Jan 28, 2013 11:28 pm

Re: security ops checklists

I personally haven't done a great deal with metrics. This is a good read though: http://www.amazon.com/Security-Metrics- ... ty+metrics

I would review your risk assessments and policies in order to get an idea of which metrics may be meaningful to you.
The day you stop learning is the day you start becoming obsolete.
