2.0
Level 2 Description: Audit information includes all information (e.g., audit records, audit log settings, and audit reports) needed to successfully aud...
Mon, 17 Jul, 2023 at 9:02 AM
Level 2 Description: Individuals with privileged access to a system and who are also the subject of an audit by that system may affect the reliability ...
Mon, 17 Jul, 2023 at 9:13 AM
Level 2 Description: Baseline configurations are documented, formally reviewed, and agreed-upon specifications for systems or configuration items withi...
Tue, 18 Jul, 2023 at 10:39 PM
Level 2 Description: Configuration settings are the set of parameters that can be changed in hardware, software, or firmware components of the system t...
Tue, 18 Jul, 2023 at 10:52 PM
Level 2 Description: Tracking, reviewing, approving/disapproving, and logging changes is called configuration change control. Configuration change cont...
Tue, 18 Jul, 2023 at 11:04 PM
Level 2 Description: Organizational personnel with information security responsibilities (e.g., system administrators, system security officers, system...
Tue, 18 Jul, 2023 at 11:13 PM
Level 2 Description: Any changes to the hardware, software, or firmware components of systems can potentially have significant effects on the overall s...
Tue, 18 Jul, 2023 at 11:24 PM
Level 2 Description: Systems can provide a wide variety of functions and services. Some of the functions and services routinely provided by default, ma...
Tue, 18 Jul, 2023 at 11:37 PM
Level 2 Description: Restricting the use of nonessential software (programs) includes restricting the roles allowed to approve program execution; prohi...
Tue, 18 Jul, 2023 at 11:47 PM
Level 2 Description: The process used to identify software programs that are not authorized to execute on systems is commonly referred to as blacklisti...
Tue, 18 Jul, 2023 at 11:57 PM