800-171
Description: Audit information includes all information (e.g., audit records, audit log settings, and audit reports) needed to successfully audit system...
Tue, 11 Jul, 2023 at 4:37 AM
Description: Individuals with privileged access to a system and who are also the subject of an audit by that system may affect the reliability of audit i...
Tue, 11 Jul, 2023 at 4:41 AM
Description: Baseline configurations are documented, formally reviewed, and agreed-upon specifications for systems or configuration items within those s...
Tue, 11 Jul, 2023 at 4:44 AM
Description: Configuration settings are the set of parameters that can be changed in hardware, software, or firmware components of the system that affec...
Tue, 11 Jul, 2023 at 4:50 AM
Description: Tracking, reviewing, approving/disapproving, and logging changes is called configuration change control. Configuration change control for o...
Tue, 11 Jul, 2023 at 4:54 AM
Description: Organizational personnel with information security responsibilities (e.g., system administrators, system security officers, system security ...
Tue, 11 Jul, 2023 at 5:10 AM
Description: Any changes to the hardware, software, or firmware components of systems can potentially have significant effects on the overall security o...
Tue, 11 Jul, 2023 at 5:16 AM
Description: Systems can provide a wide variety of functions and services. Some of the functions and services routinely provided by default, may not be ...
Tue, 11 Jul, 2023 at 5:20 AM
Description: Restricting the use of nonessential software (programs) includes restricting the roles allowed to approve program execution; prohibiting auto...
Tue, 11 Jul, 2023 at 5:27 AM
Description: The process used to identify software programs that are not authorized to execute on systems is commonly referred to as blacklisting. The p...
Tue, 11 Jul, 2023 at 5:31 AM