version_locking_legacy_environments
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
version_locking_legacy_environments [2019/01/23 22:37] – sgriggs | version_locking_legacy_environments [2019/01/23 22:40] – [Auditing Standards] sgriggs | ||
---|---|---|---|
Line 50: | Line 50: | ||
Creating a formal audit-document that records your results will also prove to be an advantage come audit-time. The outside auditors will be able to use your work as a reference. If they can see you did a thorough job, they are more likely to sign off on their own audit results because their confidence is higher. If you were an inspector looking for asbestos insulation, who would you be more likely to trust, the guy who shrugs and says "I don't know where it is or if we even have asbestos." | Creating a formal audit-document that records your results will also prove to be an advantage come audit-time. The outside auditors will be able to use your work as a reference. If they can see you did a thorough job, they are more likely to sign off on their own audit results because their confidence is higher. If you were an inspector looking for asbestos insulation, who would you be more likely to trust, the guy who shrugs and says "I don't know where it is or if we even have asbestos." | ||
- | + | __Audit | |
- | Audit These Yourself | + | |
* Application software names and versions. | * Application software names and versions. | ||
Line 99: | Line 98: | ||
Let's take a moment to discuss " | Let's take a moment to discuss " | ||
- | Penetration Scanners | + | __Penetration Scanners__ |
* NMAP | * NMAP | ||
* Kali Linux | * Kali Linux | ||
Line 134: | Line 134: | ||
So, for each vulnerability that you've determined is potentially valid put on your auditor hat and ask several questions. | So, for each vulnerability that you've determined is potentially valid put on your auditor hat and ask several questions. | ||
- | Audit Questions about Vulnerabilities | + | __Audit |
* Do you have a policy about vulnerabilities? | * Do you have a policy about vulnerabilities? | ||
* Do you have a policy about this vulnerability? | * Do you have a policy about this vulnerability? | ||
Line 178: | Line 178: | ||
- | Requirements | + | __Requirements |
* You've got to have an IT security policy. | * You've got to have an IT security policy. |
version_locking_legacy_environments.txt · Last modified: 2019/01/25 21:20 by sgriggs