Center for Internet Security - CIS Critical Security Controls
Here you can read online Center for Internet Security - CIS Critical Security Controls full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2021, publisher: Center for Internet Security, genre: Business. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
- Book:CIS Critical Security Controls
- Author:
- Publisher:Center for Internet Security
- Genre:
- Year:2021
- Rating:5 / 5
- Favourites:Add to favourites
- Your mark:
CIS Critical Security Controls: summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "CIS Critical Security Controls" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
Center for Internet Security: author's other books
Who wrote CIS Critical Security Controls? Find out the surname, the name of the author of the book and a list of all author's works by series.
CIS Critical Security Controls — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "CIS Critical Security Controls" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Font size:
Interval:
Bookmark:
Actively manage (inventory, track, and correct) all software (operating systems and applications) on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.
A complete software inventory is a critical foundation for preventing attacks. Attackers continuously scan target enterprises looking for vulnerable versions of software that can be remotely exploited. For example, if a user opens a malicious website or attachment with a vulnerable browser, an attacker can often install backdoor programs and bots that give the attacker long-term control of the system. Attackers can also use this access to move laterally through the network. One of the key defenses against these attacks is updating and patching software. However, without a complete inventory of software assets, an enterprise cannot determine if they have vulnerable software, or if there are potential licensing violations.
Even if a patch is not yet available, a complete software inventory list allows an enterprise to guard against known attacks until the patch is released. Some sophisticated attackers use zero-day exploits, which take advantage of previously unknown vulnerabilities that have yet to have a patch released from the software vendor. Depending on the severity of the exploit, an enterprise can implement temporary mitigation measures to guard against attacks until the patch is released.
Management of software assets is also important to identify unnecessary security risks. An enterprise should review its software inventory to identify any enterprise assets running software that is not needed for business purposes. For example, an enterprise asset may come installed with default software that creates a potential security risk and provides no benefit to the enterprise. It is critical to inventory, understand, assess, and manage all software connected to an enterprises infrastructure.
Allowlisting can be implemented using a combination of commercial allowlisting tools, policies, or application execution tools that come with anti-malware suites and popular operating systems. Commercial software inventory tools are widely available and used in many enterprises today. The best of these tools provides an inventory check of hundreds of common software used in enterprises. The tools pull information about the patch level of each installed program to ensure that it is the latest version and leverage standardized application names, such as those found in the Common Platform Enumeration (CPE) specification. One example of a method that can be used is the Security Content Automation Protocol (SCAP). Additional information on SCAP can be found here: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST. SP.800-126r3.pdf
Features that implement allowlists are included in many modern endpoint security suites and even natively implemented in certain versions of major operating systems. Moreover, commercial solutions are increasingly bundling together anti-malware, anti- spyware, personal firewall, and host-based IDS and Intrusion Prevention System (IPS), along with application allow and block listing. In particular, most endpoint security solutions can look at the name, file system location, and/or cryptographic hash of a given executable to determine whether the application should be allowed to run on the protected machine. The most effective of these tools offer custom allowlists based on executable path, hash, or regular expression matching. Some even include a non- malicious, yet unapproved, applications function that allows administrators to define rules for execution of specific software for certain users and at certain times of the day.
- For cloud-specific guidance, refer to the CIS Controls Cloud Companion Guide https://www.cisecurity.org/controls/v8/
- For tablet and smart phone guidance, refer to the CIS Controls Mobile Companion Guide https://www.cisecurity.org/controls/v8/
- For IoT guidance, refer to the CIS Controls Internet of Things Companion Guide https://www.cisecurity.org/controls/v8/
- For Industrial Control Systems (ICS) guidance, refer to the CIS Controls ICS Implementation Guide https://www.cisecurity.org/controls/v8/
| Number | Title/Description | Asset Type | Security Function | IG1 | IG2 | IG3 |
|---|---|---|---|---|---|---|
| 2.1 | Establish and Maintain a Software Inventory | Applications | Identify | |||
| Establish and maintain a detailed inventory of all licensed software installed on enterprise assets. The software inventory must document the title, publisher, initial install/use date, and business purpose for each entry; where appropriate, include the Uniform Resource Locator (URL), app store(s), version(s), deployment mechanism, and decommission date. Review and update the software inventory bi-annually, or more frequently. | ||||||
| 2.2 | Ensure Authorized Software is Currently Supported | Applications | Identify | |||
| Ensure that only currently supported software is designated as authorized in the software inventory for enterprise assets. If software is unsupported, yet necessary for the fulfillment of the enterprises mission, document an exception detailing mitigating controls and residual risk acceptance. For any unsupported software without an exception documentation, designate as unauthorized. Review the software list to verify software support at least monthly, or more frequently. | ||||||
| 2.3 | Address Unauthorized Software | Applications | Respond | |||
| Ensure that unauthorized software is either removed from use on enterprise assets or receives a documented exception. Review monthly, or more frequently. | ||||||
| 2.4 | Utilize Automated Software Inventory Tools | Applications | Detect | |||
| Utilize software inventory tools, when possible, throughout the enterprise to automate the discovery and documentation of installed software. | ||||||
| 2.5 | Allowlist Authorized Software | Applications | Protect | |||
| Use technical controls, such as application allowlisting, to ensure that only authorized software can execute or be accessed. Reassess bi-annually, or more frequently. | ||||||
| 2.6 | Allowlist Authorized Libraries | Applications | Protect | |||
| Use technical controls to ensure that only authorized software libraries, such as specific .dll, .ocx, .so, etc., files are allowed to load into a system process. Block unauthorized libraries from loading into a system process. Reassess bi-annually, or more frequently. | ||||||
| 2.7 | Allowlist Authorized Scripts | Applications | Protect | |||
| Use technical controls, such as digital signatures and version control, to ensure that only authorized scripts, such as specific .ps1, .py, etc., files are allowed to execute. Block unauthorized scripts from executing. Reassess bi-annually, or more frequently. |
Font size:
Interval:
Bookmark:
Similar books «CIS Critical Security Controls»
Look at similar books to CIS Critical Security Controls. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Discussion, reviews of the book CIS Critical Security Controls and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.