IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

<strong>IT</strong> <strong>Baseline</strong> <strong>Protection</strong> of Generic Components<br />

_________________________________________________________________________________________<br />

2.3.2 Modelling of an Individual <strong>IT</strong> System<br />

Depending on the object(s) under examination, the tables below serve different functions. If the <strong>IT</strong><br />

assets under consideration consists only of a single <strong>IT</strong> system or a single group of <strong>IT</strong> systems which<br />

have the same configuration, same framework conditions and same applications, then as a minimum<br />

the modules required for modelling can be read directly out of these tables. Modules with no entry in<br />

the relevant column should be used as well if they are relevant to the individual <strong>IT</strong> system under<br />

consideration.<br />

If on the other hand the <strong>IT</strong> assets are composed out of different components, then the tables provided<br />

below will help in checking whether modelling as described in Section 2.3.1 is complete. If, for<br />

example, the present <strong>IT</strong> assets contains Windows NT clients, then all the modules which have an "X"<br />

in the relevant table should be considered during modelling. Modules identified with "(X)" only need<br />

to be used when certain conditions apply. <strong>The</strong>se conditions are listed in Section 2.3.1.<br />

Key:<br />

X: <strong>The</strong> module must be applied to this <strong>IT</strong> system.<br />

(X): <strong>The</strong> module must be applied to this <strong>IT</strong> system if the conditions specified in Sectio 2.3.1<br />

apply.<br />

X1: A server room can be replaced by a server cabinet.<br />

<strong>IT</strong> Systems Stand-Alone Systems / Clients<br />

Module DOS-PC<br />

(Single<br />

User)<br />

_________________________________________________________________________________________<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Otober 2000<br />

UNIX<br />

System<br />

Laptop PC PC (Multiuser)<br />

Windows<br />

NT PC<br />

Windows<br />

95 PC<br />

3.0 <strong>IT</strong> Security Management X X X X X X<br />

3.1 Organisation X X X X X X<br />

3.2 Personnel X X X X X X<br />

3.3 Contingency Planning Concept (X) (X) (X) (X) (X) (X)<br />

3.4 Data Backup Policy X X X X X X<br />

3.6 Computer Virus <strong>Protection</strong><br />

Concept<br />

X X X X X X<br />

3.7 Crypto Concept (X) (X) (X) (X) (X) (X)<br />

3.8 Handling of Security Incidents (X) (X) (X) (X) (X) (X)<br />

4.1 Buildings X X X X X<br />

4.2 Cabling X X X X X<br />

4.3.1 Offices X X X X X<br />

4.3.2 Server rooms<br />

4.3.3 Storage Media Archives<br />

4.3.4 Technical Infrastructure Rooms<br />

4.4 Protective Cabinets

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!