[Paper] – Bộ tài liệu Security Benchmarks theo chuẩn CIS

Giới thiệu

Center for Internet Security

The Center for Internet Security (CIS) is a not-for-profit organization focused on enhancing the cyber security readiness and response of public and private sector entities, with a commitment to excellence through collaboration. Through its three divisions–Security Benchmarks, Multi-State ISAC and Trusted Cyber Security Purchasing Alliance–CIS serves as a central resource in the development and delivery of high-quality, timely products and services to assist our partners in government, academia, the private sector and the general public in improving their cyber security posture.

CIS Security Benchmarks Division

The CIS Security Benchmarks division improves organization’s security posture by helping them reduce the risk of business and e-commerce disruptions resulting from inadequate technical security controls. The Division provides enterprises with consensus best practice standards for security configurations, as well as resources for measuring information security status and for making informed decisions about security investments.

Và đây là bộ “best practice standards” chứa các chỉ dẫn thiết lập, cấu hình bảo mật cho:

  • Hệ điều hành: AIX, HP-UX, Apple OSX, Linux, Windows, Android, iOS,..
  • Cơ sở dữ liệu: Exchange, DB2, Oracle, MySQL, SQL Server,…
  • Ứng dụng: BIND, Firefox, Apache, IIS, OpenLDAP,…
  • Nền tảng: Xen, VMware, SharePoint,…

Tải về:

Tham khảo thêm các tài liệu, công cụ khác:

Dựa vào đấy thì có thể tự xây dựng các công cụ phần mềm dùng để đánh giá, đo lường trạng thái an toàn của các hệ thống, dịch vụ trên theo những nội dung mà CIS đưa ra trong tài liệu. Hoặc không thì dùng luôn các công cụ kiểm tra mà CIS cung cấp sẵn ở đây: http://benchmarks.cisecurity.org/en-us/?route=downloads.audittools


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s