IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Safeguard Catalogue - Organisation Remarks<br />

____________________________________________________________________ .........................................<br />

An unfavourable distribution of data files is:<br />

Hard disk 1: Storage of the data files for the indices of both applications<br />

Hard disk 2: Storage of the data files for the tables of the first<br />

application<br />

Hard disk 3: Storage of the data files for the tables of the second<br />

application<br />

Hard disk 4: -<br />

A failure on the first hard disk would affect both applications, rendering<br />

them unusable.<br />

A more favourable distribution of data files is:<br />

Hard disk 1: Storage of the data files for the indexes of the first<br />

application<br />

Hard disk 2: Storage of the data files for the tables of the first<br />

application<br />

Hard disk 3: Storage of the data files for the indexes of the second<br />

application<br />

Hard disk 4: Storage of the data files for the tables of the second<br />

application<br />

In this case, only one application would be affected by a failure on any of<br />

the hard disks.<br />

- Once the database has been put into operation, the generated data volumes<br />

must be checked regularly in order to plan sufficient increases in storage<br />

capacity for future necessities.<br />

- Suitable data backup mechanisms must be employed (refer to S 6.49<br />

Database backups).<br />

- <strong>The</strong> use of monitoring and control mechanisms must be specified, i.e.<br />

whether and to what extent database activities need to be logged. This also<br />

includes specifying whether only the times of data modifications should be<br />

recorded, or whether the modifications themselves should also be logged<br />

(refer to S 2.133 Checking the log files of a database system).<br />

Suitable personnel must be available for planning and operating the database<br />

system. <strong>The</strong> time required to run a database system is not to be<br />

underestimated. Experience has shown that an analysis of the accumulated log<br />

data alone is very time consuming. <strong>The</strong> database administrator must possess a<br />

detailed knowledge of the installed database management software and must<br />

be trained appropriately to use it.<br />

Additional controls:<br />

- Have security objectives related to the use of a database system been<br />

formulated and documented?<br />

- Has direct access to the databases via an interactive query language been<br />

precluded?<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!