IT Baseline Protection Manual - The Information Warfare Site

Non-Networked Systems and Clients IT-Security Management
_________________________________________________________________________________________
Force Majeure
- T 1.1 Loss of personnel
- T 1.2 Failure of the IT system
- T 1.4 Fire
- T 1.5 Water
- T 1.8 Dust, soiling
Organisational shortcomings:
- T 2.7 Unauthorised use of rights
- T 2.9 Poor adjustment to changes in the use of IT
- T 2.31 Inadequate protection of the Windows NT system
Human Failure:
- T 3.2 Negligent destroying of equipment or data
- T 3.3 Non-compliance with IT security measures
- T 3.6 Hazards posed by cleaning staff or outside staff
- T 3.8 Improper use of the IT system
- T 3.9 Improper IT system administration
Technical Failure:
- T 4.1 Disruption of power supply
- T 4.7 Defective data media
- T 4.8 Discovery of software vulnerabilities
- T 4.23 Automatic CD-ROM-recognition
Deliberate Acts:
- T 5.1 Manipulation/destruction of IT equipment or accessories
- T 5.2 Manipulation of data or software
- T 5.4 Theft
- T 5.9 Unauthorised use of IT systems
- T 5.18 Systematic trying-out of passwords
- T 5.21 Trojan Horses
- T 5.23 Computer viruses
- T 5.43 Macro viruses
- T 5.52 Misuse of administrator rights in Windows NT systems
- T 5.79 Unauthorised acquisition of administrator rights under Windows NT
Recommended Countermeasures (S)
For the implementation of IT baseline protection, selection of the required packages of safeguards
("modules") as described in chapters 2.3 and 2.4, is recommended.
_________________________________________________________________________________________
IT-Baseline Protection Manual: Otober 2000