Center for Internet Security - CIS Critical Security Controls

Published 2021 by the Center for Internet Security.

Formerly the SANS Critical Security Controls (SANS Top 20), these are now officially called the CIS Critical Security Controls (CIS Controls). CIS Controls Version 8 combines and consolidates the CIS Controls by activities, rather than by who manages the devices. Physical devices, fixed boundaries, and discrete islands of security implementation are less important; this is reflected in v8 through revised terminology and grouping of Safeguards, resulting in a decrease in the number of Controls from 20 to 18.

CIS Critical Security Control 2: Inventory and Control of Software Assets
Overview

Actively manage (inventory, track, and correct) all software (operating systems and applications) on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.

Why is this Control critical?

A complete software inventory is a critical foundation for preventing attacks. Attackers continuously scan target enterprises looking for vulnerable versions of software that can be remotely exploited. For example, if a user opens a malicious website or attachment with a vulnerable browser, an attacker can often install backdoor programs and bots that give the attacker long-term control of the system. Attackers can also use this access to move laterally through the network. One of the key defenses against these attacks is updating and patching software. However, without a complete inventory of software assets, an enterprise cannot determine whether it has vulnerable software, or whether there are potential licensing violations.

Even if a patch is not yet available, a complete software inventory allows an enterprise to identify which assets are exposed and to guard against known attacks until the patch is released. Some sophisticated attackers use zero-day exploits, which take advantage of previously unknown vulnerabilities for which the software vendor has not yet released a patch. Depending on the severity of the exploit, an enterprise can implement temporary mitigation measures to guard against attacks until the patch is released.

Management of software assets is also important to identify unnecessary security risks. An enterprise should review its software inventory to identify any enterprise assets running software that is not needed for business purposes. For example, an enterprise asset may come installed with default software that creates a potential security risk and provides no benefit to the enterprise. It is critical to inventory, understand, assess, and manage all software connected to an enterprise's infrastructure.

Procedures and tools

Allowlisting can be implemented using a combination of commercial allowlisting tools, policies, or application execution tools that come with anti-malware suites and popular operating systems. Commercial software inventory tools are widely available and used in many enterprises today. The best of these tools provide an inventory check of hundreds of common software packages used in enterprises. The tools pull information about the patch level of each installed program to ensure that it is the latest version, and leverage standardized application names, such as those found in the Common Platform Enumeration (CPE) specification. One example of a method that can be used is the Security Content Automation Protocol (SCAP). Additional information on SCAP can be found here: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-126r3.pdf

Features that implement allowlists are included in many modern endpoint security suites and even natively implemented in certain versions of major operating systems. Moreover, commercial solutions are increasingly bundling together anti-malware, anti-spyware, personal firewall, and host-based IDS and Intrusion Prevention System (IPS), along with application allow and block listing. In particular, most endpoint security solutions can look at the name, file system location, and/or cryptographic hash of a given executable to determine whether the application should be allowed to run on the protected machine. The most effective of these tools offer custom allowlists based on executable path, hash, or regular expression matching. Some even include a non-malicious, yet unapproved, applications function that allows administrators to define rules for execution of specific software for certain users and at certain times of the day.
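
The decision logic described above (a path, hash or pattern match, optionally scoped to particular users and times of day, with everything unmatched denied), as an added example that is not part of the CIS document and is not any vendor's product format: a small Python evaluator run over a constructed rule set and constructed execution events. The rule schema, the directory names, the user names and the timestamps are assumptions made for the illustration.

```python
"""Default-deny execution allowlist with hash, path and regex rules plus
optional user / time-of-day constraints.  Added illustration: the rule
schema and every sample event below are constructed, not a product format."""
import hashlib
import re
from dataclasses import dataclass
from datetime import datetime
from typing import FrozenSet, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    kind: str                                # "hash", "path" or "regex"
    value: str                               # sha256 hex, directory prefix, or pattern
    users: Optional[FrozenSet[str]] = None   # None = any user
    hours: Optional[Tuple[int, int]] = None  # None = any time, else [start, end) local hours


@dataclass(frozen=True)
class ExecEvent:
    path: str
    content: bytes   # bytes of the file as read at execution time
    user: str
    when: datetime


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def rule_matches(rule: Rule, ev: ExecEvent) -> bool:
    if rule.kind == "hash":
        ok = sha256_hex(ev.content) == rule.value
    elif rule.kind == "path":
        ok = ev.path.startswith(rule.value)
    elif rule.kind == "regex":
        ok = re.fullmatch(rule.value, ev.path) is not None
    else:
        raise ValueError("unknown rule kind: %s" % rule.kind)
    if not ok:
        return False
    if rule.users is not None and ev.user not in rule.users:
        return False
    if rule.hours is not None and not (rule.hours[0] <= ev.when.hour < rule.hours[1]):
        return False
    return True


def decide(rules, ev: ExecEvent) -> str:
    """Allow only if some rule matches; anything unmatched is denied."""
    return "allow" if any(rule_matches(r, ev) for r in rules) else "deny"


# Constructed stand-in for the approved build of a backup tool, and a copy
# with one extra line appended (simulating a tampered or silently updated file).
APPROVED_BUILD = b"#!/bin/sh\n/usr/bin/rsync -a /srv /backup\n"
TAMPERED_BUILD = APPROVED_BUILD + b"echo tampered\n"

RULES = [
    Rule("hash", sha256_hex(APPROVED_BUILD)),                  # exact approved binary
    Rule("path", "/usr/bin/"),                                 # trusted, root-owned directory
    Rule("regex", r"/opt/tools/[a-z0-9_-]+/bin/[a-z0-9_-]+",   # unapproved-but-tolerated tools:
         users=frozenset({"ops"}), hours=(8, 18)),             # ops staff, business hours only
]

T = datetime(2021, 5, 18, 10, 0)   # constructed timestamp
SAMPLE_EVENTS = [
    ExecEvent("/usr/local/bin/backup", APPROVED_BUILD, "alice", T),           # allow: hash
    ExecEvent("/tmp/b", APPROVED_BUILD, "alice", T),                           # allow: hash survives a rename
    ExecEvent("/usr/local/bin/backup", TAMPERED_BUILD, "alice", T),            # deny: content changed
    ExecEvent("/usr/bin/dropper", b"anything", "alice", T),                    # allow: path rule trusts the directory
    ExecEvent("/opt/tools/nmap/bin/nmap", b"x", "ops", T),                     # allow: ops user at 10:00
    ExecEvent("/opt/tools/nmap/bin/nmap", b"x", "ops", T.replace(hour=22)),    # deny: outside the window
    ExecEvent("/opt/tools/nmap/bin/nmap", b"x", "bob", T),                     # deny: user not in the rule
]


def run_sample():
    """Decisions for the constructed events, in order."""
    return [decide(RULES, ev) for ev in SAMPLE_EVENTS]


if __name__ == "__main__":
    for ev, d in zip(SAMPLE_EVENTS, run_sample()):
        print("%-5s %-26s %-5s %02d:00" % (d, ev.path, ev.user, ev.when.hour))
```

Two properties of the sample run are worth noticing. The hash rule still allows the approved build after it is copied to /tmp but denies it as soon as its content changes, so hash rules pin exactly one build and must be regenerated at every patch. The path rule allows anything placed under /usr/bin/, so a path rule is only as strong as the write permissions on that directory.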

  • For cloud-specific guidance, refer to the CIS Controls Cloud Companion Guide https://www.cisecurity.org/controls/v8/
  • For tablet and smart phone guidance, refer to the CIS Controls Mobile Companion Guide https://www.cisecurity.org/controls/v8/
  • For IoT guidance, refer to the CIS Controls Internet of Things Companion Guide https://www.cisecurity.org/controls/v8/
  • For Industrial Control Systems (ICS) guidance, refer to the CIS Controls ICS Implementation Guide https://www.cisecurity.org/controls/v8/
Safeguards

2.1 Establish and Maintain a Software Inventory
Asset type: Applications. Security function: Identify. Implementation groups: IG1, IG2, IG3.
Establish and maintain a detailed inventory of all licensed software installed on enterprise assets. The software inventory must document the title, publisher, initial install/use date, and business purpose for each entry; where appropriate, include the Uniform Resource Locator (URL), app store(s), version(s), deployment mechanism, and decommission date. Review and update the software inventory bi-annually, or more frequently.

2.2 Ensure Authorized Software is Currently Supported
Asset type: Applications. Security function: Identify. Implementation groups: IG1, IG2, IG3.
Ensure that only currently supported software is designated as authorized in the software inventory for enterprise assets. If software is unsupported, yet necessary for the fulfillment of the enterprise's mission, document an exception detailing mitigating controls and residual risk acceptance. Designate any unsupported software without exception documentation as unauthorized. Review the software list to verify software support at least monthly, or more frequently.

2.3 Address Unauthorized Software
Asset type: Applications. Security function: Respond. Implementation groups: IG1, IG2, IG3.
Ensure that unauthorized software is either removed from use on enterprise assets or receives a documented exception. Review monthly, or more frequently.

2.4 Utilize Automated Software Inventory Tools
Asset type: Applications. Security function: Detect. Implementation groups: IG2, IG3.
Utilize software inventory tools, when possible, throughout the enterprise to automate the discovery and documentation of installed software.

2.5 Allowlist Authorized Software
Asset type: Applications. Security function: Protect. Implementation groups: IG2, IG3.
Use technical controls, such as application allowlisting, to ensure that only authorized software can execute or be accessed. Reassess bi-annually, or more frequently.

2.6 Allowlist Authorized Libraries
Asset type: Applications. Security function: Protect. Implementation groups: IG3.
Use technical controls to ensure that only authorized software libraries, such as specific .dll, .ocx, .so, etc., files are allowed to load into a system process. Block unauthorized libraries from loading into a system process. Reassess bi-annually, or more frequently.

2.7 Allowlist Authorized Scripts
Asset type: Applications. Security function: Protect. Implementation groups: IG3.
Use technical controls, such as digital signatures and version control, to ensure that only authorized scripts, such as specific .ps1, .py, etc., files are allowed to execute. Block unauthorized scripts from executing. Reassess bi-annually, or more frequently.
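
Safeguards 2.1 through 2.4 describe one procedure: discover installed software automatically, record it with the inventory fields of 2.1, mark each entry authorized, exception or unauthorized by the support rule of 2.2, and flag anything found on an asset that the inventory does not list (2.3). The following Python script is an added example of that procedure, not code from the CIS document; it also emits the CPE 2.3 formatted-string names mentioned under Procedures and tools, so the result can be handed to a vulnerability lookup. The package list (in the shape of dpkg-query output), the inventory records, the exception identifier, the vendor names and the support dates are all constructed for the illustration; in a real deployment the CPE vendor and product names should be taken from the official CPE dictionary rather than derived from package maintainer fields as is done here.

```python
"""Reconcile the packages discovered on a host against the Safeguard 2.1
software inventory and apply the 2.2 / 2.3 designation rules.  Added
illustration: the inventory schema, the package list, the vendor names and
the support dates are constructed examples, not data from the document."""
import re
from datetime import date

# Constructed sample in the shape of
#   dpkg-query -W -f='${Package}\t${Version}\t${Maintainer}\n'
DPKG_SAMPLE = """\
openssl\t1.1.1f-1ubuntu2.8\tUbuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
nginx\t1.18.0-0ubuntu1\tUbuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
python2.7\t2.7.18-1~20.04\tUbuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
openjdk-8-jre\t8u292-b10-0ubuntu1~20.04\tUbuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
netcat-traditional\t1.10-41.1\tUbuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
"""

# Constructed Safeguard 2.1 inventory (title -> record).  supported_until is
# the vendor end-of-support date as recorded by the enterprise; the values
# and the exception reference are illustrative only.
INVENTORY = {
    "openssl": dict(publisher="OpenSSL Project", installed="2021-03-02",
                    purpose="TLS for the web tier", supported_until="2023-09-11",
                    exception=None),
    "nginx": dict(publisher="NGINX", installed="2021-03-02",
                  purpose="Reverse proxy", supported_until="2022-04-21",
                  exception=None),
    "python2.7": dict(publisher="Python Software Foundation", installed="2020-06-14",
                      purpose="Legacy billing batch job", supported_until="2020-01-01",
                      exception="EXC-0042: host isolated in a dedicated VLAN with no "
                                "inbound access; residual risk accepted 2021-02-01"),
    "openjdk-8-jre": dict(publisher="OpenJDK", installed="2019-11-08",
                          purpose="Reporting tool runtime", supported_until="2021-03-31",
                          exception=None),
}
REVIEW_DATE = date(2021, 5, 18)   # constructed date of this review run


def parse_dpkg(text):
    """Parse Package<TAB>Version<TAB>Maintainer lines into records."""
    records = []
    for line in text.splitlines():
        if line.strip():
            name, version, maintainer = line.split("\t", 2)
            records.append({"name": name, "version": version, "maintainer": maintainer})
    return records


def cpe_component(value):
    """Bind one attribute value per the CPE 2.3 formatted-string rules: lowercase,
    whitespace becomes '_', and any character outside [a-z0-9_.-] is escaped
    with a backslash (an unescaped '*' would mean ANY, so it is escaped too)."""
    value = re.sub(r"\s+", "_", value.strip().lower())
    return "".join(c if re.fullmatch(r"[a-z0-9_.\-]", c) else "\\" + c for c in value)


def to_cpe(vendor, product, version):
    """Application CPE with the remaining seven attributes left as ANY."""
    return "cpe:2.3:a:%s:%s:%s:*:*:*:*:*:*:*" % (
        cpe_component(vendor), cpe_component(product), cpe_component(version))


def designate(record, inventory, today):
    """Safeguard 2.2 / 2.3 status for one discovered package."""
    entry = inventory.get(record["name"])
    if entry is None:
        return "unauthorized", "not in the software inventory: remove or document an exception (2.3)"
    eol = date.fromisoformat(entry["supported_until"])
    if eol >= today:
        return "authorized", "supported until %s" % eol
    if entry["exception"]:
        return "exception", "unsupported since %s; %s" % (eol, entry["exception"])
    return "unauthorized", "unsupported since %s with no documented exception (2.2)" % eol


def review(dpkg_text, inventory, today):
    """One finding per discovered package: status, reason and a CPE name."""
    findings = []
    for rec in parse_dpkg(dpkg_text):
        status, reason = designate(rec, inventory, today)
        entry = inventory.get(rec["name"])
        vendor = entry["publisher"] if entry else rec["maintainer"].split("<")[0]
        findings.append({"name": rec["name"], "status": status, "reason": reason,
                         "cpe": to_cpe(vendor, rec["name"], rec["version"])})
    return findings


def run_sample():
    return review(DPKG_SAMPLE, INVENTORY, REVIEW_DATE)


if __name__ == "__main__":
    for f in run_sample():
        print("%-12s %-20s %s\n%14s%s" % (f["status"], f["name"], f["reason"], "", f["cpe"]))
```

The review is deliberately default-deny: a package the inventory has never heard of is unauthorized until someone either records it with a business purpose or removes it, and an unsupported package stays unauthorized until an exception with mitigating controls and a risk acceptance is attached. The Debian version strings show why the CPE escaping rule matters: the tilde in 2.7.18-1~20.04 is not a permitted character and must be emitted as a backslash escape.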
CIS Critical Security Control 3: Data Protection